As new users are added to your system, you will need to
grant authorities to them as needed. You must also
add new users to appropriate groups. Conversely,
when users leave your system, their authorities should
be revoked, and they should be removed from all
authorization groups.
Use the GRANT and REVOKE statements to add or remove authorities.
These statements perform simple maintenance operations that
do not affect table data.
Whenever possible, it is recommended that you grant
authorities to groups rather than
individuals. This simplifies the task of
maintenance, since you only need to add or delete a name
rather than granting or revoking an entire set of authorities.
You can use simple maintenance operations to change the
characteristics of authorization groups. Use the ADD and
REMOVE statements to add or remove an individual or group.
Use the GRANT and REVOKE statements to change the authorizations
given to the group.