You can delete your access groups. Since you have two types of user that are identified with a single session variable, groups is over-complicating it.
You can just use three access rules without groups. Groups is for creating lists of users and grouping them... like if you wanted users 4,8,10 to be admin. You are already grouping your users in your database and saving the group in the session.
Your access rules could just be:
Admin = Allow if: session variable SecurityAssist_UserID has value = 1
User = Allow if: session variable SecurityAssist_UserID has value = 2
Logged In = Allow if: session variable SecurityAssist_UserID does not equal "" (blank)