Groups are used to manage the roles and permissions of users in a collective manner. A group's permissions are inherited by its users.
You can create a group based on the operations you want its members to be able to perform. For example, you may want some users to have full administration capabilities while you may want others to only have access to lookup package information. Rather than set permissions for the users individually, you can create Groups and assign the users to them. By assigning permissions to the groups instead of to the individual users, you will be able to update the roles and permissions of the groups' members quickly whenever you want to change their roles.