I'd say I think umask 0007 is a bad idea. You have system functions running as their own userids for a reason, to fence them off from root permissions because they could be exploited. For example, if you're running FTP, it's running as it's own userid, but it needs read access to some system files owned by root. If you solve that problem by adding that user to the root group, with umask 007, you've just given that userid full root access, and if someone successfully pops your FTP server, you handed them the keys to the kingdom. That's why 022 is the norm... even members of the root group can't overwrite root's files.
For your ordinary users, 0007 would also take away execute privileges for ordinary bash commands a user might execute, like cd, grep, man, etc. This would effectively render your system useless to them.
If there are certain files/directories you don't want world-readable, the best practice would be to do a chmod there to remove those permissions, and otherwise, let the umask do what it does.
As for why it's four digits and not three, that's because the leading digit covers sticky bit or setuid/setgid. If you omit the leading digit it's treated as a zero, so umask 022 = umask 0022.