Sounds like good data management hygiene to me. In my experience the less access you provide to developers and end users the fewer "mistakes" you have to fix. Inserts, updates and deletes have rules about when and how they're to be done called business logic. Access to the base tables should always be done via code that enforces those rules. Likely, there are rules about who can view what data too. Again, access should be provided by code that enforces the business rules.

Providing too many privileges to developers or end users will result in applications being written that depend on unnecessary privileges that will be a bear to maintain.

One of the prime directives of a DBA is to protect the data. The cost of the Database engine is irrelevant. What is the risk to the business if data goes missing or is altered inappropriately or seen by someone who shouldn't?