Building on Steve's response, you could also choose to assign users to their own security group (ie the group name is the same as the user id), and only create the desired groups in the appropriate directories. If a user attempts to sign into a company for which their group does not exist, they will not be allowed access to the data.
_________________________
Regards,
Softrak Tech Support