I have a Client which has decided to go to a VPN solution in an office of roughly 50 users. I already have the VPN solution installed and just proposed RSA SecurID in addition - The VPN is NOT live yet. The company originally intended to buy 50 laptops, LOCK them down, put PGP on them, and add in the VPN Client (prior to my recommendation of RSA). I felt like that would be a pretty safe solution, but now I get thrown a boomerang, and am told that they wish to put it on roughly HALF (25) of employees HOME computers which I have NO knowledge of.
With everything going on, and just about 25% of the HOME PC's I fix being compromised, I am very worried about going this route. Unless I can wipe, lockdown, and return each PC, I wouldn't be able to sleep well at night - Even still I wouldn't, but it would help.
Your Thoughts on installing a VPN client on a PC you have never seen and allowing it access into your 'secure' network?