Follow the Principle of Least Privilege

The principle of least privilege is a core zero trust concept. Implementing least privilege means that you give users, applications, systems, and other components only the minimum privilege level they need to do their job.

Design granularity into the application to allow for separation of responsibilities within an organization. For example, a user account created solely to check analytics does not need permission to manage the product catalog, so that account is granted only the right to view Business Manager Analytics. Other privileges, such as managing the catalog, are blocked.

Effectively managed role-based access control (RBAC) makes these implementations possible. RBAC lets you define roles, each of which bundles a set of permissions. Managing a user's permissions then reduces to assigning the user to the appropriate roles.

Least privilege provides the following benefits.

  • Users can’t accidentally perform high-privilege actions without explicit permission.
  • Malicious insiders can’t leverage over-privileged accounts to further their attacks.
  • Attackers can’t take advantage of poor permissions to make their attacks easier.

For example, all Business Manager users and OCAPI clients are set up with deny-by-default permissions. It's the administrator's responsibility to provide the permissions that allow each user to do their job.

The administrator must also ensure that all users, roles, and permissions are updated and relevant. Regular audits on the accounts can help the process.
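The two mechanisms described above, deny-by-default role checks and a periodic review of assignments, as an added example that is not Salesforce's or Business Manager's own code. The role names, permission names, user assignments and activity data are constructed for illustration.

```python
# Added example, not Salesforce code: deny-by-default RBAC check plus an audit
# pass. Role and permission names are constructed, not Business Manager's own.

# Each role is an explicit permission set; anything not listed is denied.
ROLES = {
    "analytics_viewer": {"analytics.view"},
    "catalog_manager": {"catalog.view", "catalog.edit"},
    "administrator": {"analytics.view", "catalog.view", "catalog.edit", "users.manage"},
}

def effective_permissions(user_roles):
    """Union of the permissions granted by every role assigned to a user."""
    perms = set()
    for role in user_roles:
        perms |= ROLES.get(role, set())  # an unknown or retired role grants nothing
    return perms

def is_allowed(user_roles, permission):
    """Deny by default: an action is permitted only through an explicit role grant."""
    return permission in effective_permissions(user_roles)

def audit(assignments, activity):
    """Findings for the periodic account review. `assignments` maps user -> roles,
    `activity` maps user -> permissions actually exercised in the review window
    (e.g. derived from audit logs). Flags roles that no longer exist (stale grants)
    and granted permissions never used (candidates for removal)."""
    findings = []
    for user, roles in sorted(assignments.items()):
        stale = roles - set(ROLES)
        if stale:
            findings.append((user, "stale_role", frozenset(stale)))
        unused = effective_permissions(roles) - activity.get(user, set())
        if unused:
            findings.append((user, "unused_permission", frozenset(unused)))
    return findings

# Constructed sample: an analytics-only account and an over-privileged one.
ASSIGNMENTS = {
    "analyst": {"analytics_viewer"},
    "merchandiser": {"catalog_manager", "administrator", "legacy_reports"},
}
ACTIVITY = {
    "analyst": {"analytics.view"},
    "merchandiser": {"catalog.view", "catalog.edit"},
}

if __name__ == "__main__":
    print(is_allowed(ASSIGNMENTS["analyst"], "catalog.edit"))  # False: no explicit grant
    print(audit(ASSIGNMENTS, ACTIVITY))
```

The audit output is a starting point for the review: each "unused_permission" finding is a grant to remove or justify, and each "stale_role" finding is an assignment that no longer maps to a defined role.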