SSL/TLS inspection decrypts HTTPS at a proxy, inspects for threats (malware, DLP), and re-encrypts before forwarding. Requires a trusted CA cert deployed to all clients.
Privacy implications: employer sees all decrypted HTTPS traffic. Legal considerations in some jurisdictions. Breaking certificate pinning causes app failures. Typically exclude: banking, healthcare, HR systems. GDPR: inform employees and document the processing. Balance security visibility vs. privacy.