All systems operational

Least Privilege

Apply the least-privilege principle: give each person only the access they need. This limits risk if an account is misused or compromised.

#Purpose

Reduce risk by minimizing unnecessary access.

#When to use this

Every time you assign or review roles.

#At a glance

DetailValue
Required permissionsUser management (CEO or admin)
Administrator levelCEO / Admin
Portal areas usedRoles, Users

#Step by step

1

Start from the narrowest role

Assign the least access that lets the person work.
2

Escalate only when needed

Increase access when a real need arises.
3

Review regularly

Remove access people no longer need.
4

Limit admins

Keep CEO/admin roles to a small, trusted group.

#Approval points

No formal approval gate

This administrative action does not require a separate sign-off, but review carefully before applying changes.

#Security notes

Security considerations

  • Fewer privileged accounts means a smaller attack surface.
  • Review access after every role change and departure.

#Best practices

  • Default to the narrowest role.
  • Audit access on a schedule.

#Common mistakes

  • Granting admin for convenience.
  • Never revisiting access.

#Troubleshooting

If this happensTry this
Too many adminsReduce to a trusted few and move others to fitting roles.

#FAQ

Does least privilege affect AI?

Yes — since AI acts within a user's permissions, narrower access also limits what AI can do on their behalf.

#Keep exploring

#Business modules & workflows

#AI departments

Still need help?

Can’t find what you’re looking for? The DevSphere OS team is happy to help.