The "complex protocol" is actually "plain" Windows file sharing, which is practically always enabled in the local networks. That's how the computers in the local network are traditionally supposed to be maintained.
I've managed a bunch of computers which weren't configured so, but configuring them that way you lose everything Microsoft created for the management of the computers in the local network -- to be effective you'd have to maintain and develop your own tools, which most of the companies wouldn't like you to do. It the users are supposed to "normal work" on the given computers, not enabling the file access is much harder to achieve.
I know there are "everything virtualized" approaches, but they are really expensive.
Windows file sharing (SMB/CIFS) is complex, in comparison to delivering remote applications using HTTPS (TLS/HTTP) through one single port (which is very simple, and easier to secure). So compare: local applications running many client remote protocols, or running remote applications through HTTPS (TLS/HTTP) with all the complexity at server-side (e.g. in-building data center, or remote data center, with high availability and being fault-tolerant, etc.).
Personally, I consider the approach "nothing done on the clients" problematic on many levels. I like what Apple is doing, like trying to make the client phones do the processing there, and not moving everything to the cloud, but still keeping the phones somewhat harder to be attacked "en masse". But there they have the user base that has grown effectively from nothing, on another side the whole personal computing approach has other historical development and expectations. The oldest known computing approach was actually "dumb terminals" but moving completely in that direction is quite wasteful.
At the end, I blame Microsoft for not recognizing enough what their users actually want: I know a lot of the companies which actually pay "the Microsoft tax" (as much as the Microsoft accounting is considered, they "use Windows 10") while in fact using Windows XP and anything but 10.
And they are right to do so. The problem with everything after XP wasn't that the companies wouldn't pay for support. The problem was that Microsoft "innovates" in the areas that businesses find directly harmful. The business would of course like updates, would of course like better and safer protocols implemented, would of course turn on new security settings if they would be delivered, but they don't want all the annoyance of all that doesn't have to do anything with the infrastructure, like "Windows or Windows Server which you have to use through the new 'phone' UI."
In short, there are many reasons there's a lot of Windows XP use, and Microsoft simply decided that they don't care.
Linux is of course even worse, even with the efforts of Red Hat to have long-term stable OS versions, the concept is that most of what the user consider "just apps" are typically so dependent of so many random stuff that maintaining the stability is unnecessarily hard.
Finally, Apple traditionally doesn't care for the company use of their products much.
Which leaves most of the infrastructures in not having any "straightforward" choice. And "redeveloping everything" every time the OS companies decide to "innovate" is really not possible.
That's were we are now. There's simply not enough awareness among the OS companies that "every non-programming entity" wants the stable infrastructure. Instead, the attention deficit goals of the managers of the moment are typically chased.
I've managed a bunch of computers which weren't configured so, but configuring them that way you lose everything Microsoft created for the management of the computers in the local network -- to be effective you'd have to maintain and develop your own tools, which most of the companies wouldn't like you to do. It the users are supposed to "normal work" on the given computers, not enabling the file access is much harder to achieve.
I know there are "everything virtualized" approaches, but they are really expensive.