By default every group or user defined in the RPD has read rights to each new element you add. This can be a bit of a pain in the a$$$ if you have a lot elements which each try own security group. Better to develop the RPD so that you have to grant each group access to a element.
This can be set in the NQSconfig.ini file:
Till Next Time