>> Today, we're pretty much a BYOD shop (we buy new employees unmanaged laptops). People manage their own devices and we do colab stuff with Google Workspace. Developers love this because they don't have to "mother may I" IT for every tool and library.
BYOD may be fast and easy for employees, but it makes employees a ripe target for attacks:
If your shop is serious about security, then more controls over BYOD are a must. That usually means no more BYOD or a more managed BYOD to ensure that there is no vulnerable software on employee devices.