I would qualify that "tech companies that don't know what they're doing wrt IT". Apple does have some features to allow a bit of flexibility, but unless you do all of your work via VDI or similar, I'd consider non-MDM devices to be a huge red flag.
MDM does not imply surveillance. I wouldn't use it if it did. It does mean I can enforce full disk encryption and remotely wipe a machine if it is stolen, though.