This change doesn't have impact on the security because it is still the same user/client.
This has a impact on security and thats why we do not use group write access in ISPConfig. It makes a big difference if a client has ten sites and one of them gets hacked. With the current setup, this affects only one site. With your modification, it will affect all sites and all sites have to be reinstalled. Additionally, some security extensions for apache will not start with group writable permissions.