These state, that there needs to be proof of several data security aspects on all devices of all people working in a facility for one of these companies/clients as a contractor:
- Anti Virus software up to date
- Firewall active
- Harddisk encrypted
- Ability to remotely lock device
- Ability to remotely wipe device
To ensure that this is in place at all times on all devices one needs a programatic solution - Endpoint Management. And as this needs to be root (for remote wipe) - this could be seen as spyware (as I like to call it internally).
So yeah - there are a lot of companies/industries enforcing this. As someone above said - banking is another industry, insurance, medical and other high profile stuff with sensitive data might come to mind.
The text does not say this - but this I added just from experience. And I actually hope that someday companies like mine could go the Apple way and ensure Endpoint Management on a per user account basis. That way I could still take home my company laptop and use it privately with a different user.
I strongly believe all this software only enlarges the potential attack surface.
Not sure if this "zoo" of software is more of a security theater and a legal protection to be able to tell everybody "we did all we could possibly do" in case of an attack/hack/what not.
But even if I strongly suspect my device was more secure before, I know, that lot's of less tech-savvy people will have at least some standard (encrypted SDD, and such) enforced. So I am not yet decided if in the end the net benefit is positive.
It all about fulfilling IT and law checklists.