In the explanation to a company I see nothing wrong. In the tendency to make employees agree to arbitrary ToSes, I see massive liability that should be dealt with using a massive class action lawsuit against some behemoth.
I actually think federated protocols are a get-out-of-jail card for employers, since making your job related to owning a car is reasonable; to owning a specific brand of car is not.
We have a new corporate policy that removes your access to anything related to O365 by Date. The only way to remediate this issue is to install InTune and the corresponding corporate security office's profile so it can enforce our policy on the device. If you qualify for our corporate device program, we will cover the cost of the device and data plan.
Sincerely, CTO
Honestly, it's very common at the largest public corporations and most corporate R&D groups in the US. It's not like we don't already do black box development or have strict VPN-only enforcement rules. I wonder how risk assessment sees these kinds of federated protocols, because in theory you are right about it reducing liability if they run the system.
Maybe places like Google are different, I would not know, but I’d be surprised to learn that there’s any publicly traded company that does not exercise total control of their machines.