Hi @Noiden
This can be easily achieved by assigning a customized profile for each company. The default profile (customized or not) provided with the C1 platform is not necessarily the only profile that is needed to be run on all companies/device group that you currently have or will have in the future. The settings on one profile can be vastly different to another if you choose to do so.
What you need to do though is to not utilize the ‘Trusted’ rating but instead utilize a whitelist/blacklist. You will just have to focus your tweaks under Containment → Rules. Please do check the links provided below on how to achieve this: