Prevent the organization-defined software from executing at higher privilege levels than users executing the software.