...
- Ask Salesforce to enable the setting for admins to login as any users http://help.salesforce.com/apex/HTViewSolution?id=000089838&language=en_US
- Decide on your groups of users, their hierarchy and what data they should see.
- Clone existing profiles - only do as few as needed - focus on the tab and app permissions and basic object permissions. Specific object and field permissions can be done via Permission Sets.
- Set up the Role Hierarchy
- Set up Organizational Wide Defaults - usually Private on the main objects such as Accounts, Leads etc unless everyone in the org should see and edit everything.
- Create Sharing Settings
- Create the Users
- Test Test Test
Dicing
Field Level Security
https://help.salesforce.com/HTViewHelpDoc?id=admin_fls.htm
Permission Sets
See the Salesforce Help for Permission sets as to what can be done in Permission Sets and what can be done in Profiles.
...