What is described as a security design principle allowing only the necessary system access?

The principle of "Least Privilege" is focused on minimizing the access rights for users, accounts, and processes to only what is absolutely necessary to perform their tasks. This means that individuals are granted the minimum set of permissions needed to carry out their functions, reducing the risk of unauthorized access to sensitive information and system resources. By following this principle, organizations can help protect themselves against accidental data loss, data breaches, and exploits by limiting the potential actions that any user or system can perform.

In practice, implementing least privilege often involves periodically reviewing user permissions, adjusting access rights as roles or projects change, and ensuring that new accounts are not assigned more permissions than required. This principle is fundamental to strong security postures, as it helps contain potential vulnerabilities that could be exploited if excessive privileges were granted.

The other options touch on broader security concepts but do not specifically address the targeted restriction of access that least privilege embodies. Access Enforcement refers to the methods used to enforce access permissions. Access Control encompasses the overall policies and mechanisms used to restrict access. System Baselining establishes a standard system configuration against which deviations can be compared, rather than focusing on access rights.
