Hello Rebecca and welcome.
I have never used the security and permissions settings myself (nor VB) and if you can't get the security to work through the menus (as Paul mentioned they are fairly involved and, after a few minutes of mucking around with them, IMO they are not very intuitive) then there are a couple of work-arounds below.
If your database is a switchboard setup then you can have one switchboard in a new database for the average user (which allows them to run queries, view reports etc.) with tables that are linked back to the tables in the real database(s). From memory you can set the permissions on the linked tables (i.e. read, write, read & write) but the method for doing this through the menus is eluding me at the moment (someone here might be able to help) - I've done it before (i.e. setting linked tables to read only) but I can't remember how.
If your average users are forced through a series of forms for everything and they don't need to get into the data tables or query/report design, then you can hide the database window, force the user into the switchboard via an autoexec macro and set the permissions for various forms to be "read-only".
Meanwhile, the "power" users, or administrators, would have access to the "real" database with the live tables or a version of the database that doesn't have the read-only restrictions.
If you can't set up restrictions on the linked tables in the users version of the database, then an alternative work-around might be using a "snapshot" of the data - i.e. the users version of the database gets a copy of the tables from the live database each night. They can hack and bash the data in the tables all they like and you will be safe in the knowledge that everything will be put right overnight when you import / export the data from the live tables into the users tables each morning or night.
But, I'd still try going through the security menus first to see if your answer is in there.
HTH, Andrew.