How does an intranet/VPN help with avoiding malware on end user computers? I don't see the connection, isn't that entirely orthogonal? The OP wasn't arguing that you shouldn't control end user's devices, just that having an intranet of some sorts is not helpful.
If you run a large network, you'll have to deal with malware on users devices, and you'll have to deal with people gaining access to your network in other ways, such as this white box.
Having an "internal" network that isn't actually internal only gives you a false sense of security. Having access to an internal network should never give anyone higher access levels, but the whole idea of a "corporate intranet" pushes you in that direction.
If you run a large network, you'll have to deal with malware on users devices, and you'll have to deal with people gaining access to your network in other ways, such as this white box.
Having an "internal" network that isn't actually internal only gives you a false sense of security. Having access to an internal network should never give anyone higher access levels, but the whole idea of a "corporate intranet" pushes you in that direction.