The Principle of Least Privilege is one of the longest standing principles of security. People (as well as applications) should only have access to the things they need to do their job, and nothing else. While being overly permissive may make life a bit easier in the short-term, it can easily come back to haunt you long-term, whether due to a malicious attack, misplaced credentials, or even an honest mistake.