Well, if I do this:

SecurityBasics.DefaultPermissionInfo = new PermissionInfo(PermissionAction.Grant);

Then, I have to specifically deny people access to everything they should not have access to (the taking-away-the-keys-to-the-kingdom approach).  I see more why Greg suggested deny as the default (the don't-let-them-have-the-keys-at-all approach).  This will take a bit of time to setup.  I see why you suggest waiting until the end of the development process; however, I may have been better served to consider some of this stuff up-front.  

Thanks for your help, gents!
Bill 

You got it...this is the same approach that we take and we have good roles and data setup so that our customers can implement their desired security permissions easily.  But it is definitely best NOT to grant by default.

Any time Bill. It takes a while to really understand RBS, as it is pretty complex/full featured. It rocks though!