Permissions planning for sites and content in SharePoint Server
Some sites in an enterprise probably contain content that should not be available to all users. For example, proprietary technical information should be accessible only on a need-to-know basis. An intranet portal for employee benefits should be available only to full-time employees, whereas the home page of an Internet Web site is accessible by anonymous clients.
Permissions control access to sites and site content. You can manage permissions by using SharePoint groups, which control membership. Fine-grained permissions also help to secure content at the item and document level.
The following articles about how to plan security for sites and content are available here, Get help with permissions in SharePoint.