Is it seen as overkill for you to provide company hardened devices that users can use from home to access remote access facilities like citrix? Or wheres the risk in not providing them corporate kit and letting them use whatever they want?
Say someone access a citrix gateway from their personal computer manifested with poor secrity, i.e. out of date software, loads of malware, no firewall etc etc - if they use this to access your citrix gateway (2-factor) does the internal citrix infrastructure become at risk, or not really? I.e. can they access citrix from any damn machine they want be that company provided or home, or cafe shop etc etc.
Whats your policy on this? Can citrix enforce any kind of "your machine isnt secure enough you arent logging in"?