If you use rendering parameters in you components, you will create a Rendering Parameters Template to allow authors to edit and discover those parameters more easily.
Authors can then use the Edit Component Properties option available in the Experience Editor, as long as you have the Designing view enabled.
However, through that pop up your authors could modify caching settings, which is not ideal. It is also showing the datasource and placeholder fields, which they should not edit directly.
Since Sitecore 8.0 rev 150427 (Update-3) it is possible to remove those fields from the pop up. Those fields are declared in the Standard Rendering Parameter template. We can use Field Read security access right to hide them from authors.
Following Sitecore's security best practice instead of denying explicitly, we will deny inheritance on the role common to all authors that can use the designing features (most likely the sitecore\designer role)
Here you see how the caching and additional parameters sections are hidden away.
Admins will still get access to those settings, if needed, as security is ignored for them. If you need other users to access those fields, you could create another role that grants read permissions to the field and assign users to it.