IAM glossary
The Least Privilege Principle

What is the principle of least privilege?

The principle of least privilege is a concept that aims to grant users only the access they need to perform their tasks.

This limits the risk of malicious attacks, human error and data breaches by restricting the actions that are possible in the event of a security breach or malicious manipulation.

For example, an employee working in an accounting department does not need access to customer data in the marketing department. He should therefore be given only the permissions necessary to perform his accounting duties, and not those that would allow him to view sensitive customer data.

