This changes their power dynamic. One could argue they ought to find another job once the shady stuff started, but I still think you should focus on the actual instigators rather than the pawns.
In a security-sensitive corporate setting it is already harmful if anything gets uploaded to some cloud service - if this occurs, the damage already happens and anything that follows is "just" damage containment.
I believe about every company that develops software has some clauses about what software is allowed to be installed on the corporate computers and who has to initial any request to install a new program on the computer.
One of the owners was hired by Kite half a year ago.
This changes their power dynamic. One could argue they ought to find another job once the shady stuff started, but I still think you should focus on the actual instigators rather than the pawns.
In a security-sensitive corporate setting it is already harmful if anything gets uploaded to some cloud service - if this occurs, the damage already happens and anything that follows is "just" damage containment.
I believe about every company that develops software has some clauses about what software is allowed to be installed on the corporate computers and who has to initial any request to install a new program on the computer.