Local Server Security Risks

Hello, I've been using Quarto for the past year at my company to produce various reports. I've also been using Observable Framework for dashboards as well. When I brought up using Observable Framework, I was warned this was not allowed by my IT team because of "security risks with local servers." I brought up the fact that I use Quarto to produce my reports, which technically does the same thing, and they informed me I shouldn't be using Quarto either.

I don't see any topics or articles talking about this anywhere else, and this fact seems to suggest Quarto wouldn't be allowed at any corporation because of that inherit risks. Is this accurate, and if so, are there ways to mitigate such risks? Does Posit have an official statement on this?

Just to clarify, they are referring to anytime a Quarto document is rendered to HTML, which is hosted to localhost:xxxx. This is what they mean by "local server" in case it was not clear.