| You know what I mean, the TLS middleware is part of your IDS suite. Anyway. Personal use was not the norm. Locking machines down was. VPNs, corporate network perimeters, blocking copy paste (my god), TLS middleware boxes. It all sucks. And inspecting internet traffic is a breach of human rights among adults. Then we grew out of it. Now we have identity perimeters. Strong identity and yubi keys, webauthn, SSO. Honest.security reflects how people operate today. Modern IT stacks operated by ethical teams don’t do traffic inspection. We agree, TLS inspection is about control, not security. And that’s why it’s unethical. “No personal use” also just doesn't work, ideologically. Gotta access your bank for payroll, financial stuff for 401k, RSUs. HR portal has to be accessible on the personal side too for taxes healthcare and emergencies. Been there done that move on. I will concede that there are isolated highly security sensitive situations where full device control is needed like maybe for the employees or machines with access to a CA or production deployment keys or classified information with human loss of life at stake. But the no personal use mantra is not a blanket philosophy that’s healthy or good for modern society and isn’t relevant in 99.99% of use cases. You can even look at MDMs which have shifted from full device control to hybrid support. |