I’m not a network security expert, so I don’t know the threat model. I just know that this is a thing companies do sometimes.