Consider a typical company using a firewall with several users who have wireless routers at home and log in to the VPN over them. There are a number of risks associated with this. Risks include:
- Home/remote users NOT having properly patched OS
- Home/remote users NOT having valid antivirus software or updated patches loaded
- Home/remote users NOT protecting passwords
- Home/remote users NOT running antivirus scanning on a normal basis
- Home/remote users that are already hacked by someone using the VPN to come into your company network
They are all simply: home/remote user related risks. Home/remote users cause issues when they do not protect home/remote systems, and those systems become vulnerable. Most companies don't allow personal hardware to VPN, only company laptops. This way those things above do not happen.
