Difference between revisions of "Need-To-Know"
Jump to navigation
Jump to search
(→NIST) |
|||
Line 5: | Line 5: | ||
The terms ‘need-to know” and “least privilege” express the same idea. Need-to-know is generally applied to people, while least privilege is generally applied to processes.<br /> | The terms ‘need-to know” and “least privilege” express the same idea. Need-to-know is generally applied to people, while least privilege is generally applied to processes.<br /> | ||
+ | <!--- | ||
== International Standard == | == International Standard == | ||
− | + | --> | |
==See also== | ==See also== | ||
Revision as of 22:42, 9 May 2016
National Definitions
United States
NIST
Need-to-know (NTK) is a method of isolating information resources based on a user's need to have access to that resource in order to perform their job but no more. [1]
The terms ‘need-to know” and “least privilege” express the same idea. Need-to-know is generally applied to people, while least privilege is generally applied to processes.