With the launch of PDMWorks 2008 SP2, there is a new security option that is available for use. Now users can choose to select specific files and decide whether or not they want to share the files with other users or block access. To control the permissions, right-click on a file, Properties, and go to the permissions tab. See image:
Here is a little summary: Before this addition, the security of a file was typically determined by vault location and lifecycle state. In other words, if you were in the engineering department, and you had rights to see all files in the "New Projects" vault, then you could see all files, no matter who created them. With this new option, an individual user can chose to deny access to a file or set of files. OR the administrator can set an option to deny access to any file created by a specific group. In other words, if you are in the R&D group, you can create files all over the vault and no one can see those files except others in the R&D group.
Of course, this gives an individual a lot of power, and "With great power, comes great responsibility." Any user can just decide to hide files in the vault. So, this is a permission that the administrator has to grant a user or group. Otherwise the option is not available. The administrator can modify the option by editing the normal security profile for a group or user and selecting the option shown in the image.