Database Security and Least Privilege

Your database often holds your most valuable and sensitive information, which makes it a prime target. Sound database security is layered, but one principle underpins it all: give every account only the access it genuinely needs.

This article explains least privilege and the wider controls that protect your data.

The Principle of Least Privilege

An account that only reads reports should not be able to delete records. By granting the minimum rights for each role, we limit the damage if any single account is compromised or misused.

Layered Protections

  • Strong, unique credentials kept out of source code.
  • Network rules so the database is not exposed to the open internet.
  • Separate accounts for the application, reporting and administration.
  • Encryption of data in transit and at rest.
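
The account separation in the list above, written out as an added example that is not part of the original article. It assumes PostgreSQL; the database `shop`, the schema `sales` and every role name are hypothetical.

```sql
-- Added example (PostgreSQL assumed; all names are hypothetical).
-- Run as the database owner or a superuser.

-- Group roles carry the privileges and cannot log in themselves.
CREATE ROLE app_rw       NOLOGIN;
CREATE ROLE reporting_ro NOLOGIN;
CREATE ROLE db_admin     NOLOGIN;

-- Remove the defaults given to PUBLIC so that access is opt-in.
REVOKE ALL ON DATABASE shop FROM PUBLIC;
REVOKE ALL ON SCHEMA sales FROM PUBLIC;

GRANT CONNECT ON DATABASE shop TO app_rw, reporting_ro, db_admin;
GRANT USAGE ON SCHEMA sales TO app_rw, reporting_ro;

-- Application: row-level reads and writes, no DDL and no TRUNCATE.
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA sales TO app_rw;
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA sales TO app_rw;

-- Reporting: read only, so it cannot delete records.
GRANT SELECT ON ALL TABLES IN SCHEMA sales TO reporting_ro;

-- Administration: schema changes are limited to this role.
GRANT ALL ON SCHEMA sales TO db_admin;
GRANT ALL ON ALL TABLES IN SCHEMA sales TO db_admin;

-- Tables created later while acting as db_admin (SET ROLE db_admin)
-- receive the same grants automatically.
ALTER DEFAULT PRIVILEGES FOR ROLE db_admin IN SCHEMA sales
  GRANT SELECT ON TABLES TO reporting_ro;
ALTER DEFAULT PRIVILEGES FOR ROLE db_admin IN SCHEMA sales
  GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_rw;

-- Login accounts inherit from one group role each. Passwords are set
-- out of band (for example with psql's \password), not in this script.
CREATE ROLE app_svc    LOGIN IN ROLE app_rw;
CREATE ROLE report_svc LOGIN IN ROLE reporting_ro;
CREATE ROLE alice_dba  LOGIN IN ROLE db_admin;

-- When someone changes role or leaves, one statement removes the access.
REVOKE db_admin FROM alice_dba;

-- Check: the reporting role should hold nothing beyond SELECT (no rows).
SELECT grantee, table_name, privilege_type
FROM information_schema.role_table_grants
WHERE grantee = 'reporting_ro' AND privilege_type <> 'SELECT';
```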

Why It Matters to You

Beyond avoiding breaches, these controls help you meet data protection obligations and demonstrate due diligence to customers and auditors. They also make it far easier to grant and revoke access cleanly as people join, move roles or leave, without anyone quietly accumulating rights they no longer need.

If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.