There are tons of options for remote access. The higher the security, the higher the cost. Security and convenience is a trade off, as I'm sure we all agree. So what are you doing?
Do you allow your users/clients to login from their home PCs? If so, do they have restricted access (ie. RDC only, web based VNC)? Two factor authentication?
Do you give them all a laptops for working from home. Which they take home and plug into their infected networks and hang out at coffee shops? What about USB sticks?
For those saying that user education is of the utmost importance, I couldn't agree more. However, the sad fact is that with the advent of some very sneaky root kits on the rise, social engineering, and tons of other infections, it is becoming more and more prevalant for the average user to have an infected computer and not even know it. Or the AV & Malware programs will "quarantine" or "clean" an infected file, but not actually clean up the infection. Protection at the edge is even more and more important with your corporate networks, but what are you doing at home?