I didn’t think it would be possible to make SharePoint permissions worse in 2013, but it is. Much worse. SharePoint 2007 and 2010 Site Collection Administrators and Site Owners are going to have to really keep their heads to effectively manage permissions in 2013. The need for a third party tool is actually no longer a luxury but an outright necessity.
Microsoft, please, you need to stop messing this up and fix it. It’s becoming a nightmare and serious operational risk for businesses trying to demonstrate security.
Anyway, while by no means a perfect solution, adding a Site Page with multiple versions of the Site Users Web Part on it can maybe assist Site Owners in seeing instantly who has access on their site. Deep-diving into the site to find out where these people and groups all have access is another matter altogether and I’m far too tired to write the 10 page book it would take to explain. :-S
Create a new Site Page and insert Site Users from the Social Collaboration Web Parts.
Edit the web part to show members of a specific group, then insert the name of the group. Don’t forget to edit the title of the web part so they all reflect the group name. Change the Toolbar type to show no toolbar.
Add the web part 4 times so you can display the default Members, Owners and Visitors groups as well as direct access.
Slightly shleppy to set up, but it should help new SharePoint users get a handle on things and bring a level of comfort to nervous users with sensitive content.