Microsoft spend millions on their O/S are we right to corporate hack it?

Time and time again I’ve come across Corporates and Business with an apparently over zealous approach to O/S customisation. Strategy, Secutiry and Local IT teams all too keen to ‘customize’ and ‘secure’ a platform, often resulting in chopped functions and hacked registries … often too this is done outside of Microsoft guidelines to whatever flavour the team(s) ‘guru’ is presently trending.
Are we losing the true flexibility and capability of the O/S in favour of ill-perceived control or are we collectively saying that as it comes out of the box it’s not what we want?