I'd probably agree with that, but for high assurance use cases, this is probably still incredibly attractive. Being able to ensure JavaScript and other web content isn't executing in your network, and the link out to that system is understood and risk managed could be powerful for them.
Keeping public internet work separate from local webapps would certainly help to avoid a fair number of vulnerability classes (as public browsing would take place in a totally separate environment without filesystem access or access to local resources, without access to local credentials, cookies, or network resources).
Keeping public internet work separate from local webapps would certainly help to avoid a fair number of vulnerability classes (as public browsing would take place in a totally separate environment without filesystem access or access to local resources, without access to local credentials, cookies, or network resources).