If your contract data security needs are simple then rather than setting up the Full Security model you can make use of "Confidential" feature. When a contract is marked "confidential" then only those users that have been linked to that contract are able to see that contract. 

It is possible for any user (not just administrators) to make a contract “confidential”. When creating or editing a contract the “confidential” field should be set to “yes”. Setting a contract to be confidential overrides the security settings for that contract in such a way that only those people directly associated with that contract (via the “people” tab) will be able to view and edit that contract.

Fig 1: Mark a contract "confidential"

Tip: The confidential feature can be used in conjunction with the full security model. There may be one or more contracts that are within a specific security group that you may wish to limit access to for a short period or on a more permanent basis. Rather than creating a new security group to cater for this exception make those contracts "confidential"

Tip: Administrators can Always view confidential contracts