Yes, I thought you mean a best practice for allowing remote PowerShell open for all Windows machines as a whole.

I guess that this best practice definitely makes sense after all.
You should defend your self with other security products to allow nearly 99% security.
I’m not aware of any app product that gives you also a fully secure shell.