To efficiently manage security, EnterWorks recommends that system security is managed at the user group level rather than the user level. Assigning system access to groups rather than to individual users not only requires less work to maintain, it also provides a mechanism for easily configuring access for a user by simply adding or removing them from a group.
To manage security at the group level, add users to user groups according to the tasks they will be assigned and the access they will be granted to data and system capabilities. For example, administrator, product manager, publication manager, or syndication manager. Then grant permissions to the user groups that control which functions the members of a group are allowed to perform and which objects they can access.
User and user group management tasks include: