Over the years, it has remained interesting to note that humans seek greater power. In software applications, they usually request more access rights and configuration control. Requests like this often become a topic for the audit and security teams, because the principle of least privilege (PoLP) is practiced in many organisations.
The key advantage of PoLP is that users are granted only the limited access they need to perform their required functions. This restricts data exposure and interventions in the system. Roles, security groups and policies are some of the key cloud concepts created for the purpose of PoLP. By default, many cloud services are PoLP in nature.
PoLP remains a major security strategy for applications and infrastructure in the cloud. The idea is to prevent a security breach if any user account is compromised. The root account and admin roles are restricted. Cloud objects are also not set to public by default. A typical security measure is to expose only the required layers to the public Internet. Other preventive measures include limiting the number of privileged user roles and user accounts.
PoLP is a key approach to security on the major cloud platforms. There is an ongoing debate that PoLP creates a hassle for development. For the time being, you need to continue to educate users on the importance of PoLP.