I'm imagining IT has proviosned certificates on the computers under their control that allows them to do a MITM attack on either blacklisted sites, or non-white listed sites.