> Maybe this is a practice that needs to stop. Malware scanners can scan on the local machine after the browser has decrypted the communication and web filtering, I think, is nothing but a sign of mistrust against the users.
It's really kind of a giant security vulnerability. If an attacker can compromise the machine doing the MITM on all the encrypted connections then they get every password and credit card number for every user in your company for every website.
Sure, but once you allow local administrator access to your machine, the "guest" can modify your data and software however it wants, so you've already lost.
