Permissions: start restrictive, loosen carefully
It's far easier to grant access later than to claw it back. Defaulting to least privilege saves you from a sprawl of over-permissioned accounts.
When setting up who can do what, there's a tempting shortcut: give everyone broad access so nobody is ever blocked. It feels frictionless. It also creates a sprawling mess of over-permissioned accounts that is a security risk and nearly impossible to untangle later.
Granting is easy; revoking is hard
Adding access when someone genuinely needs it is a quick, low-stakes action. Removing access that someone has had for a year is fraught — you don't know what depends on it, and taking it away risks breaking something. So over-granting accumulates and never gets cleaned up.
Default to least privilege
Start everyone with the minimum access they need to do their job, and grant more deliberately when a real need appears. It creates a little friction up front and saves enormous risk and cleanup later. The goal is that access maps to need, not to whoever asked loudest on day one.
Granting access is a five-minute favor. Revoking it is a project. Start restrictive and loosen on purpose.