When a user has full control, they are able to modify the permissions and owner of items that they have full control to. This is because the full control item in the permissions dialog grants Change Permissions and Take Ownership rights.
Modify contains every right that full control does, except for Change Permission and Take Ownership.
By granting modify instead of full control, the user can still create, delete, change, and move files within their folders, but they cannot change the permissions or change the owner of these files. This will ensure that your permissions that you as the administrator have set on these shares will remain uniform.
Even though users may not be malicious or mischievous and change these settings, many (poorly written) applications will break inheritance when saving files, and you end up with individual files and folders that are not following your designated permission model. By giving users modify instead of full control, these applications cannot misbehave since the files must be saved with the permissions and inheritance rules set on the parent folder.
In a typical scenario, say a payroll departmental share, I may use the following NTFS permissions. Consider using something like this as a base for your NTFS permissions on shares in your organizations.