Principle of Least Privilege
The principle of least privilege says every user, process, and system should have only the minimum access needed to do its job. Applied consistently, it limits how far an attacker or a bug can spread after an initial compromise. It guides everything from file permissions to cloud IAM policy design.