Just the sort of thing you see in the real world. It's much easier to lock down access for a network with less people using it.

A network with more people starts to find all the edge cases where your lock-down rules break legitimate things, which results in calls to your boss from people with the clout to make you change stuff.

Similar for reporting, alerting, etc. Volume and variety of traffic can force you to be more lenient in larger networks. Or lose any real effectiveness because your signal/noise ratio is now bad.