Glossary
L
Least Privilege
- Description: A security principle where users are granted the minimum access necessary to perform their duties.
- Origin: Security best practice recognized since the 1970s.
- Impacts Data Types: All sensitive or privileged-access data.
- Examples: Limiting database access to only necessary tables.
- Potential Fines: Indirect — can lead to non-compliance fines (e.g., under HIPAA, GDPR).
Location-Based Access Control
- Description: A security measure that grants or restricts access based on the user's physical or network location.
- Origin: Evolved from traditional access control methods in the 2000s.
- Impacts Data Types: Sensitive internal documents or system access points.
- Examples: Blocking VPN access from outside a specific region.
- Potential Fines: Indirect — relevant if used in regulated industries and improperly configured.