Screw the principle of least privilege

Posted on

The Principle of Least Privilege holds that every component in your system should have precisely the access to the rest of the system that it needs to fulfill its assigned responsibilities—and not one iota more.

This sounds like a great idea! Coarse application of access control, like how most folks use sudo, is find and dandy. Your CDN probably doesn’t need write access to your credit card database.

The trouble comes when you apply this to your people by limiting their access to your systems.

Sending builders or implementers or architects on a cross-departmental chase for access permissions so they can do their job is a wildly terrible idea.

If you trust people you’re doing this with, then you’re wasting their time and yours, and sending the constant and subtle message that you don’t trust them.

If you don’t trust the people you’re doing this, fire them. Why on earth did you hire people you don’t trust in the first place?

Trust your people—or fire them.

Subscribe to Ctrl+Shift.

Ctrl+Shift logo

Smartass guidance for adaptive tech leaders.

Take Control + Shift your thinking.

A two minute read every workday that'll save you and your team both angst and time every week.

    We won't send you spam. Unsubscribe at any time.