It’s not secure and it not required. This is the deny/allow for the specific extension, which should almost certainly never be at your ITSP.
Your phones are going to be someplace specific (like in the local LAN or on a VPN) or they aren’t (in the wild out on the Internet). This is the “deny/allow” address range for this extension. Adding your ITSP means that anyone that gets into your ITSP (or appears to) can then connect to your system as if they were an extension and dial all they want. Not recommended. If you do set this to your ITSP, the only way you will be able to call is from your ITSP’s server. I don’t think they are going to let you do that, and your extensions in the local network will not be able to connect.
Your phones connect to your PBX, your PBX connects to other PBXs and other people’s phones.