I think they mean malware. Ransomware for example. Nothing wrong about locking a network down in general. Work network doesn’t have to be an open, all things go, network just so employees can instagram. Heck, there are organizations with air-gaped networks for very good reasons.
Instagram on your phone while at work. Don’t expect privacy on managed work machines. You company can see your emails. They can install CA on your managed machine and MITM your https traffic.
I hate the trend of also managing personal devices. But I get that it’s a complicated subject.
I'll be worried when I hear the first case of an employee getting in trouble for doing something innocent on corpnet. Right now I assume they can see everything while using one of their devices or on their network but they never bug us about it. They seem mostly interested in stopping malware/leaks, which seems quite reasonable.
As the grandparent of this thread, I can definitely say I don't care about personal browsing on work computers. I consider that an HR issue (if it impacts their ability to do their job), not an IT issue. The ability to manage network traffic comes entirely from maintaining a secure and functional network.
MITM can't prevent leakage for a determined spy or insider trader. I worked at a bank, they blocked FB etc with a blacklist, but it was very easy to circumvent. Whitelist might work, but it would create too much management headache.
Instagram on your phone while at work. Don’t expect privacy on managed work machines. You company can see your emails. They can install CA on your managed machine and MITM your https traffic.
I hate the trend of also managing personal devices. But I get that it’s a complicated subject.