Permission to use tables, columns, and commands can be assigned to and revoked from a user or a group. The order in which privileges are granted and revoked is important. You should grant and revoke privileges for the public group first, then for other groups, and finally for individual users. Only grant or revoke privileges to individual users where it’s really necessary. It’s much easier to maintain privileges for groups of users rather than for individual users because there’s less work involved for the administrator.
Remember, everyone belongs to the public group, so assign privileges to that group carefully. Also think about the guest user. Should you revoke all privileges for guests or allow them limited access to the database?
Note The terms privilege and permission are used interchangeably in SQL Server documentation and mean the same thing.