Which practice involves only granting a user the minimal permissions necessary to perform their explicit job function?


Multiple Choice

Which practice involves only granting a user the minimal permissions necessary to perform their explicit job function?

Explanation:
Granting a user only the minimal permissions needed to do their job is the principle of least privilege. This approach limits the access scope so that even if credentials are compromised or a user acts improperly, the potential damage is confined to what is strictly necessary for their explicit duties. It also helps with monitoring and auditing, because access is tightly scoped and easier to justify. In practice, each role is mapped to the smallest set of functions and data required, and permissions are reviewed regularly as duties evolve. For example, a finance clerk should have access to the tools and data necessary for their reporting work, not full system administration rights. The other terms do not fit: due care describes acting with reasonable care in general, ethics concerns moral behavior, and a data processor is a legal role under data protection law rather than a permissions model, so none of them describes the specific access-granting practice in question.