It's not rooted in reality and a gross oversimplification of the problem. GSuite is exposed to the open internet. Dropbox is exposed to the open internet. All of these services have permission models with "elevated access".
1) Your idea has been shown not to work (it's called perimeter security)
2) With the huge shift to cloud services you need a new solution anyways
1) Your idea has been shown not to work (it's called perimeter security) 2) With the huge shift to cloud services you need a new solution anyways