While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why it's there) and the bad guys can get all of it anyway.
However, if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about a possible DoS attack initiated by XFER requests, then use the following policy.
Once the zone transfer has been received and the zone has been updated, then this zone refresh is complete - named does not continue to try the other servers to see if one of them has a yet bigger SOA.
The frequency with which this type of refresh takes place is controlled by the settings in the zone's SOA record.
This statement may be used in a zone, view or global options clause. It lists the IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone).
The default behaviour is to allow zone transfers to any host.
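A restrictive transfer configuration, as an added example that is not from the original page: it uses BIND's `allow-transfer` statement at the global and zone level to replace the allow-any default described above. The zone names, file names, ACL and key names, the RFC 5737 addresses and the key secret are all constructed placeholders.

```conf
// Constructed example: every name, address and secret below is a placeholder.
acl "xfer-secondaries" {
    192.0.2.53;    // secondary name server (constructed address)
    192.0.2.54;    // second secondary (constructed address)
};

key "xfer-key" {
    algorithm hmac-sha256;
    // Placeholder only: substitute a real base64 secret (for example one
    // generated with tsig-keygen) before loading this configuration.
    secret "REPLACE_WITH_GENERATED_SECRET";
};

options {
    // Global clause: refuse all zone transfers unless a view or zone
    // clause states otherwise.
    allow-transfer { none; };
};

zone "example.com" {
    type master;
    file "example.com.zone";
    // The zone-level statement overrides the global one. A request is
    // accepted if it comes from a listed secondary OR is signed with
    // the TSIG key; everything else is refused.
    allow-transfer { "xfer-secondaries"; key "xfer-key"; };
};

zone "example.net" {
    type slave;
    masters { 192.0.2.1; };    // constructed master address
    file "example.net.zone";
    // A slave also answers transfer requests for the zone. With no
    // statement here it inherits "none" from the options clause.
};
```

With this in place, a transfer request for either zone from a host outside the list and without the key should be refused, which is worth confirming from such a host after reloading.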
The default behaviour is to allow zone updates only from the masters IP(s).
Bind9 does not update its records even though I am updating the serial number in the SOA and the refresh is set to 30 minutes.