I’m dealing with a system which users will access from multiple devices, with potentially different components of the system being used via each device.
For example, a user may be accessing component A and B on device 1, but only component B on device 2.
Would it be considered good practice, from a security perspective, to assign users multiple accounts, one for each device, with privileges tailored for each component use case?
For example, the user is assigned 2 accounts, one account for device 1 which has access to components A and B, and one account for device 2 which has access to only component B.
This scheme seems to me like a good idea, as it would align with the principle of least privilege. It could limit the access to the system a 3rd party could gain if a user’s device is compromised. It seems particularly useful in a situation where the users’ devices are different in type and operating environment – for example, it would be ideal to limit privileges as much as possible for an account which is used on a mobile device, which may be more easily accessed than, for example, a workstation PC.
On the other hand, I don’t think I’ve come across such a scheme in the real world before, so perhaps it is not good practice. Maybe it is overkill and provides minimal benefit compared to the inconvenience it would cause? Or maybe it creates difficulties in auditing (now a user’s actions could be from any of multiple accounts, harder to track)?
(Note that I’m not talking about admin-level privileges to system components. Obviously admin access should be provided via separate accounts.)