Sites that are grouped together so that the subsites can inherit the site groups from the parent sites lessen the time spent on security administration by taking advantage of security inheritance, a feature that is native to SharePoint. If you can manage the membership of the site group on one site and then use those site groups on multiple sites, the membership is more likely to be maintained, accurately and consistently, than if you are maintaining the groups in multiple sites.
You can use site security groups across a site collection to ease administration. These are the visitors, members, and owner groups SharePoint creates, or any custom groups that you define for the site collection. If a portion of your site has unique security requirements, it is a good candidate for breaking inheritance and changing the permission given to your SharePoint groups, removing one or more entirely from the site or creating and managing new/separate groups.
The following scenarios are examples of how an organization’s business needs will translate into security settings and how they are applied to SharePoint sites and features.
Many organizations deploy SharePoint based on its collaboration merits alone. In a collaborative environment, it is important to determine the correct level of access for users to ensure safe collaboration without breaking some of the valuable features that support the synergistic nature of team collaboration.
SharePoint collaboration ...