Is this a secure way of doing things? Even if I have to set the files to be accessible by Group?
If you're concerned that someone else on the system could access the files because of their group permissions:
You can set the file group to a group that contains only www (or whatever apache+php runs as on your server). In general, every "user" on the system will have an associated group that contains only itself. So, when you personally create a file, assuming your username is auxone, the user/group should be auxone/auxone. You can easily change the group to www and set its permissions independently.
See the man pages for chmod and chgrp.
If you're more concerned about someone accessing your private files with your PHP script:
Set up a file access list for your script. Just use an array or database table that lists all the content files it's OK for the script to access. And, if the next step isn't obvious, have your script check that list before actually opening anything. Another option is to keep all publicly accessible files in a particular directory and safeguard your script against reading content files from anywhere else.
If you implement the latter option, make sure to strip leading .'s from filenames. You never know how those clever h4x0rz will sneak a ../ in there.
I plan to get a dedicated server so the Group thing may not be an issue. In that case, would you recommend I have two servers, one running the database and one that I FTP files to and from?
It's a matter of expense and necessity. If you don't need two servers for the sake of load-handling or reliability, it's a waste to get them (unless anyone else knows of a reason I'm mistaken).
Furthermore, would a dedicated server allow me to have an account with the same Owner access as PHP? Or is that root?
With a dedicated server, you should be granted root access. The system will be yours to destroy. And that user you're thinking of is probably not a PHP user; it's probably www or apache.
Does any of that make sense? Is it helpful?
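The two options described in the reply above (an access list, and confining reads to one public directory), as an added example that is not part of the original post. It goes slightly beyond stripping leading dots by resolving the path with `realpath()` before comparing, which also handles a `../` that appears in the middle of a name. The function names and the temp-directory layout are hypothetical.

```php
<?php
// Added example. Function names and the directory layout are hypothetical.

// Option 1 from the post: exact match against a list of permitted files.
function on_access_list(array $allowed, string $name): bool
{
    return in_array($name, $allowed, true);
}

// Option 2 from the post: only serve files that resolve inside one directory.
// realpath() collapses "..", "." and symlinks, so the comparison is made on
// the path the OS would actually open, not on the string the client sent.
function inside_public_dir(string $publicDir, string $name): ?string
{
    $base = realpath($publicDir);
    $path = realpath($publicDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false || !is_file($path)) {
        return null; // missing directory or missing file
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed sample layout in a temp directory so the script runs offline.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'acl_demo_' . getmypid();
mkdir("$root/public/sub", 0750, true);
file_put_contents("$root/public/about.txt", "public page\n");
file_put_contents("$root/private.txt", "not for the web\n");

$allowed  = ['about.txt'];
// Constructed requests; the third has no leading dot but still leaves public/.
$requests = ['about.txt', '../private.txt', 'sub/../../private.txt', 'missing.txt'];

foreach ($requests as $name) {
    $listed   = on_access_list($allowed, $name);
    $resolved = inside_public_dir("$root/public", $name);
    printf("%-24s listed=%-3s confined=%s\n",
        $name, $listed ? 'yes' : 'no', $resolved !== null ? 'yes' : 'no');
}

// Clean up the constructed files.
unlink("$root/public/about.txt");
unlink("$root/private.txt");
rmdir("$root/public/sub");
rmdir("$root/public");
rmdir($root);
```

In a real script, open the path returned by `inside_public_dir()` rather than the name the client sent, so the file that was checked is the file that is read.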