Homebrew itself is not bad, but it does allow users to install software from thirdparty sources, that are unvetted, or unverified. This could pose a security risk. I can see why some companies will disable homebrew. Especially for non-developers.
Homebrew doesn't suddenly add that capability. It just facilitates it. If nothing else, it's easier to track what's been installed via brew than whatever the user may have curlbashed or untargzed to their home.
