What is Least Privilege?

Paul Querna·CTO, Co-founder C1·8 min

In this video, CTO Paul Querna breaks down how access accumulates over time and introduces practical tools like just-in-time access, user access reviews, and role-based automation to enforce least privilege and reduce identity risk.

Main Takeaways

Access naturally accumulates over an employee’s time at a company, creating unnecessary risk.
Least privilege means reshaping that access graph so it rises and falls based on real need, not just seniority or tenure.
Just-in-time (JIT) access is ideal for high-risk systems like cloud infrastructure and databases.
User access reviews (UARs) help prune outdated access, but require thoughtful automation to be effective.
Role-based (RBAC) and attribute-based (ABAC) policies should automatically adjust access as employees change roles.