by LinuxBender 2762 days ago
That is a challenge for us as well. Many of our partners use MitM proxies, but our privacy, compliance and legal teams will not approve the usage of them. We promote a work-life balance which means we allow people to use work resources for personal use. Culturally, that is great. It does create this conundrum however. The company does not want to be liable for intercepting personal and financial data that does not belong to us.
2 comments

I know your pain. This is a big issue especially with GDPR kicking in.

Security teams have competing directives.

Board & Investors: “Prevent customer data exfiltration”

Privacy / Legal: “Employee activity monitoring violates our regulatory obligations”

HR: “BYOD is essential to talent retention, cultural comfort, and workforce optimization”

Employees: “I refuse to use VDI or Jump Hosts”

> We promote a work-life balance which means we allow people to use work resources for personal use.

Personally I think that is foolish and naive. Not just from a privacy perspective but also for liability and tax reasons.

Postmen don't get to use the vans for personal errands, factory workers aren't permitted to run the machines to make t-shirts for themselves. Why are IT resources considered differently?

If you want to permit WLB then tell employees that they are free to use their personal smartphones and 4G plans.

I agree with you. It's just the cards I am dealt.