Security Groups are the 3rd piece of the puzzle for a full three-tiered security architecture. The other 2 pieces are users and roles.
Groups define what records a user has access to whereas roles define what a user can do with a record (e.g. nothing, view, edit, delete). Think of Groups as what groups of users should have access to certain records and Roles as what they can do with those records.
With SecuritySuite, you can create a customized set up to support any sort of organizational structure that you may have. The many different options that come with SecuritySuite will make it easy to lock down your sensitive data to just those who need it while providing a bunch of additional features to make managing your company easier.
In additional to that, SecuritySuite comes packed with a host of great features needed to effectively run your CRM.
Custom Group Layouts
Great for both optimizing the interface by removing unneeded fields and for hiding sensitive information.
Multiple Assigned Users
This has been a long time limitation in SugarCRM and SuiteCRM, but not anymore.
Grant Admin Rights
Give users the ability to administer users, be admins for only certain modules, or even the ability to customize layouts only for certain modules
Setting Up SecuritySuite
Any organizational structure can be supported. Here is one example: