Sometimes after delivering a site, you want to be able to lock the config so that it can't be changed without going through the dev process.
Offer the ability to 'lock' configuration against any changes. This would mean anything which changes config (like the admin UI) would simply have not effect. Ideally there would be visual cues to the user that this is true. This settings should not live in the admin itself, but rather should be set in a config variable with no UI, or in settings.php. If config is locked, imports should still be able to take place.
Even if we don't build this into core, we should ensure there is a way for contrib to hook in to provide such a feature - see https://www.drupal.org/project/config_readonly