Access Control

The primary supervisory authority established by the GDPR. The board consists of the heads of EU member states’ supervisory authorities as well as the European Data Protection Supervisor. The goal of the EDPB is to ensure consistent application of the GDPR by member states.

A security principle which mandates that users should be granted the least amount of permissions necessary to perform their job.

A deliberate configuration change within a system by a malicious actor, typically to create back-door access or exfiltrate information. While the original change in configuration might involve a compromised account or other vulnerability, a malconfiguration has the benefit of offering long term access using legitimate tools, without further need of a password or after a vulnerability is closed.