I think it's actually a bit more subtle than that. The post says the law firm "wanted [them] to be the only person with admin access to the Cloud, everyone else would be limited to view only". I wonder if their job is, more than anything else, to be the person who is legally on the hook if anything goes wrong, because they're the only one with write access.