Answer:
A computer user should only have as much access as required to do their job.
Explanation:
A computer user should not be able to access resources outside of their job requirement, as this poses a potential attack vector for an insider threat. By limiting the scope of resources to just what is needed for the user's specific job, the threat to the system or company can be mitigated with additional access control features for the computer user. Never allow permission higher than what are needed to accomplish the task.
Cheers.
