This practice is recommended because it helps prevent malicious callers from misusing a remote procedure to perform actions that would otherwise be unauthorized.