A mere four years after its founding, Airbnb was operating in 89 countries and had just become a Silicon Valley unicorn. Then came a raft of property-trashing incidents. In response, the company radically upped its host-property guarantee to $1 million. Since then, with every new form of mishap, transgression, or breach, whether by hosts or guests, Airbnb has steadily amended or expanded its safeguards (including age restrictions, identity checks, and reviews) and its ground rules (which are designed to ensure fair play and accountability and offer recourse for repeat offenders).

Consider the converse: In Uber’s early days, to fend off mounting competition from Lyft and to grow the business faster, the company saw the need to expand capacity and lower prices. To attract more drivers, the company waived the commercial driver’s license requirement. While controversial at the time, relaxing this safeguard transformed the shape of urban mobility.

Safeguards are meant to protect either or both sides of a transaction or interaction in an online ecosystem and reduce negative outcomes. Too few can hinder an ecosystem’s growth. Yet too many can be time consuming and costly to maintain and potentially intrusive, stifling relationships and other positive outcomes that spring from a free-market exchange.

So how do companies know when their safeguards are too onerous? How many are too many? Conversely, how can companies tell when there are not enough? In designing safeguards, ecosystem orchestrators must find a sweet spot. Because trust is at the heart of digital interactions and ecosystem success, safeguards should be the concern not only of operations but also of orchestrators and participants.