What is the recommended way of managing permissions?

Using groups to manage permissions is the most scalable and maintainable approach. When you grant access to a group, you’re effectively assigning a role or level of access once, and then you control who has that access simply by adding or removing members from the group. This keeps permission changes centralized and makes onboarding, offboarding, and role changes much easier, while also reducing the risk of inconsistent access across many users. If you assign permissions to individuals, every time a person changes role or leaves, you have to update multiple user accounts, which often leads to drift and errors. Giving permissions to the space owner concentrates control in one person and doesn’t scale as teams grow. Disabling guest access might be appropriate in some contexts, but it doesn’t address the underlying pattern of how access is granted and revoked. Group-based permissions strike the right balance between security, maintainability, and simplicity.