Researching the Internet I found if you don't want any users to be able to change a value, you should use Field Level Security (FLS) to make it read-only on a profile-by-profile basis:
Aug 31 2014 07:29 PM
1. Go to the object's field page under Setup
2. Click on the view link for the field
3. Click the Set Field-Level Security button
4. Change the field to read-only for the appropriate profiles (You would need to change to appropriate profile to test)
Note: Only use a validation rule for this when the field should be read-only only under certain circumstances; for blanket coverage modifying FLS is more appropriate.
Note: To set it up so the user can insert an initial value but not update an existing one you can use the following validation rule:
This will allow the user to enter a new value assuming no prior value has been entered, but once a value is set, it is locked in place.