1. Least privilege, which is a practice that ensures individuals only have “just enough access” they need to do their jobs.
This can be a powerful method for further developing security, however can become bulky in the event that somebody's job envelops excessively.
In these cases, the security group might make such a large number of consents for a solitary job
This will increased the possibilities of an unfortunate choice that could adversely affect the association's security, Forrester cautioned.
2. The second principle is the segregation. separation of duties, which can help make least privilege a reality, but it doesn’t address access prevention
Through this rule, people shouldn't have unnecessary honors.
For example, a sales rep would not be able to alter the pricing of a product, but would instead need approval from a manager.