I've avoided NTFS file permissions for the better part of two decades. First off, I'm not an enterprise admin, and secondly, it seemed like every network I came across had virtually no permissions. Unix, which has a primitive permission system, was usually more "locked down" in most cases.
Lately, though, there have been some mean malware in the wild, including one that encrypts your data, and then charges a ransom to decrypt it. Imagine that getting into your file servers. Yikes.
One corrective is to use those file permissions to protect your files from changes.