@ryanc If pushed, I would do this at home.
As a bonus it may also discourage expansion of the list of sites that OS/browsers use certificate pinning on to stop users from seeing their questionable data transfers.
Still persisting with Pihole and basic firewall at home for now.