PrivilegeCreep

Privilege creep is the gradual accumulation of unnecessary privileges or access rights beyond what a person or system needs to perform its duties. It is commonly described as permission creep. It often results from transfers, role changes, and incomplete revocation of old permissions, leaving users with broader access than required.

It is observed in IT and cybersecurity, cloud platforms, data repositories, and enterprise applications, as well

The consequences include increased security risk from insider threats and data breaches, higher chance of accidental

Mitigation strategies emphasize least privilege and continuous access governance. Key measures include regular access reviews, automated

Related concepts include privilege escalation, permission creep in the context of vendor or contractor access, and