The stupidity of the whole thing is that by creating these MiTM servers, they're creating a single point of security failure. Anyone who then compromises one of those servers, can with a little care, trick the entire organisation into downloading compromised executables from what they think is a trusted site.

Also when you're snooping on a conversation between myself or one of my servers and one of your employees you are impersonating me and intercepting my communications too! I did not sign your AUP to agree to this. Also if I happen to be in a two-party consent state at the time, and you're intercepting a VoIP call/Teams/Zoom with me, that's a crime.

Imagine the legal consequences too, when the services you host make sent personal data to an (otherwise valid) data processor, but surprise the network-wide policy sent traffic went through a random third party that is not part of the Data Processing Agreement and privacy policy given to the end-user/data subject...