PC has a buit-in feature that avoids removing users from groups "jira-users" and "jira-administrators". Removing a user from the first one implies he cannot log in to JIRA any longer. From the second one, implies the loss of his permissions as an administrator.
Starting with JIRA 7, there are other groups that control who can access specific applications. like JIRA Software or JIRA Service Desk. It makes sense and it will make the product more consistent, to extend that protection also to those groups.