Hi @lexdiamonds,
Welcome to the Community!
We use this model ourselves where some employees need to access Auth0 protected apps. We have our G Suite environment connected to Auth0, and we leverage Google Groups for access control. If you only enable the AD connection for apps where employees should log in (a vice verse for customers), there should be no security concerns.
Mark