Dave Krunal

Cybersecurity | Filmmaking | Perspective

Cyber Sketches

Permission vs Privilege

We often overlook the difference between permission and privilege. These are the two standard principles of a secure IT environment.

The Need-to-know principle focuses on permission. It allows specific access to objects, such as you are allowed to read a time on the wall clock. However, you cannot change the time.

The least privilege principle focuses on privilege. It’s a combination of permission and the right to take action. You have the freedom not only to read the time but also to change the time.



Leave a Reply

Your email address will not be published.

Back to top
error: Content is protected !!