When considering security in any area, be it IT, ATMs or even opening your own front door, there is always one weak spot: it has to involve people. Despite all the research, we are years away from being able to recognize a person's identity with 100 per cent certainty (even if using finger-printing, retinal scanning or DNA testing) in real time.
Unfortunately, the drive to encourage remote working means that more and more people need access to the corporate network, with all of the security risks that that entails: how can you be sure who the person is on the other end? One solution - or rather, preventative measure - is to simply publish only necessary information on an extranet, but even then, this can still be confidential data and a risky business.