Most of the best ideas in IT security – indeed, security in general – have been around for a long time. One that is all too often forgotten is the concept of “least privilege”, or using the bare minimum level of access to get the job done.