The principle of least privilege is a concept that aims to grant a user only the access rights that are essential for the execution of their tasks.
This helps limit the risk of malicious attacks, human error, and data security breaches by preventing possible actions in the event of a security breach or malicious manipulation.
For example, an employee working in an accounting department does not need access to customer data from the marketing department. They should therefore only be assigned the permissions necessary to perform their accounting tasks, and not permissions that would allow them to view sensitive customer data.