Security and Privacy Basics — Lesson 3

Permissions, Access Control, and Audit Trails


Learning Objectives

  • 1. Apply least privilege to user roles and access levels.
  • 2. Design practical access control for teams of different sizes.
  • 3. Understand why audit trails matter for accountability and compliance.

Least privilege for business

The principle of least privilege means giving people only the access they need to do their job. An intern does not need admin access. A marketing team member does not need access to financial systems. A content editor does not need the ability to change site settings or manage user accounts.

Least privilege is not about distrust. It is about reducing risk. Even trusted employees make mistakes — accidentally deleting records, misconfiguring settings, or falling for phishing attacks. Limiting access limits the potential damage from both mistakes and compromised accounts.

In practice, this means using role-based access. Define roles like Admin, Manager, Editor, and Viewer, each with specific permissions. Assign people to roles rather than giving individual permissions. When someone changes roles, update their role assignment instead of manually adjusting individual permissions.

Access reviews and offboarding

Access accumulates over time. Someone who joined as an intern, moved to marketing, then to operations may still have access from all three roles. Without periodic reviews, permissions expand but never contract.

Schedule quarterly access reviews for critical systems. For each system, compare who has access with who should have access based on current roles. Remove access that is no longer needed. This prevents the common pattern of access accumulation.

Offboarding checklists should include every system, tool, and service the departing person used: email, CRM, analytics, hosting, social media, shared drives, password manager vaults, Slack, project management tools, admin panels, and any API keys or integrations they set up.
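
An access review is a comparison between the access inventory and what each person's current role allows, and the same comparison catches accounts that were never closed at offboarding. The Python below is an added example, not part of the original lesson; the people, systems, role entitlements, and grants are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: the systems each role is entitled to use.
ROLE_ENTITLEMENTS = {
    "Marketing": {"shared-drive", "crm", "analytics"},
    "Operations": {"shared-drive", "hosting", "project-tool"},
    "Admin": {"shared-drive", "hosting", "domain-registrar", "prod-db"},
}

# Current role of each active person. Anyone absent here has left.
CURRENT_ROLE = {"dana": "Operations", "lee": "Marketing"}

# Access inventory as (person, system) pairs exported from each system.
GRANTS = [
    ("dana", "shared-drive"), ("dana", "hosting"),
    ("dana", "crm"), ("dana", "analytics"),   # left over from Marketing
    ("lee", "shared-drive"), ("lee", "crm"), ("lee", "analytics"),
    ("sam", "hosting"), ("sam", "prod-db"),   # sam has departed
]


def review_access(grants, current_role, entitlements):
    """Return {person: {"role": ..., "revoke": [...]}} for excess access.

    A person with no current role, or a role with no defined entitlements,
    is allowed nothing, so every grant they still hold is flagged.
    """
    held = defaultdict(set)
    for person, system in grants:
        held[person].add(system)

    findings = {}
    for person in sorted(held):
        role = current_role.get(person)
        allowed = entitlements.get(role, set()) if role else set()
        excess = sorted(held[person] - allowed)
        if excess:
            findings[person] = {"role": role or "DEPARTED", "revoke": excess}
    return findings


if __name__ == "__main__":
    for person, f in review_access(GRANTS, CURRENT_ROLE, ROLE_ENTITLEMENTS).items():
        print(f"{person} ({f['role']}): revoke {', '.join(f['revoke'])}")
```
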

Audit trails and accountability

An audit trail records who did what, when, and from where. Good audit trails log user actions, admin changes, data exports, permission modifications, and login attempts. They answer the question: what happened and who was responsible?

Audit trails serve multiple purposes: troubleshooting when something goes wrong, compliance with regulations that require records, internal accountability, and evidence in disputes. They are most valuable when you do not expect to need them — which is why they must be set up proactively.

When evaluating business tools, ask whether they provide audit logs, how long logs are retained, and whether logs are accessible to your admin team. Tools that provide detailed audit trails are generally more mature and security-conscious.

Case Study

The departed admin

Situation

A startup CTO left on bad terms. Two months later, the company discovered that the former CTO still had admin access to the hosting platform, the domain registrar, and the production database. No offboarding checklist existed, and nobody knew the full extent of his access.

Analysis

The company spent a weekend inventorying all systems, rotating every credential, and reviewing access logs. They found no evidence of misuse, but the vulnerability window was 60 days. A simple offboarding checklist maintained alongside an access inventory would have closed access on day one.

Takeaway

Maintain a living inventory of who has access to what. Use it during offboarding. The time to build this inventory is before someone leaves, not after.

Reflection Questions

  • 1. Could you produce a complete list of every system and tool each team member has access to?
  • 2. When was the last time your organization reviewed who has admin access to critical systems?

Key Takeaways

  • Least privilege reduces risk from both mistakes and compromised accounts.
  • Use role-based access instead of individual permissions — it scales better.
  • Schedule quarterly access reviews and maintain comprehensive offboarding checklists.
  • Audit trails provide accountability — set them up proactively.