We're excited to see that Launch level security has been implemented!

Can I request the next step in that - role based security?

The idea is this: We create a custom role that gets assigned to a user, and then we set the module permissions on the role. So in essence, rather than having to go through every module and revoke edit/publish rights, we would just need to set it once. And when new modules are created, we would just need to add them to the appropriate permissions.

Example: We would like roles for our colleges, and those could be broken further down into publishing and editing roles.