Well I for one think you're right to be worried. (add this to the good advice from tiger shark)

Disagree with me y'all, but if I had an external user who's dialing in, I would make damned sure that the machine was mine, and that the user was told that it was a disciplinary offence to connect the machine to any network other than the corporate WAN.

My reasoning ....

1. There are plenty of trojans with key loggers; that, and a little social engineering, and you have a breeding ground for an access violation.

2. Add to this, if the machine ever comes in for support, what the hell is on the HDD of the machine? (Viruses / Trojans etc.)

I use one of MY machines to connect to the works WAN, but it has caddy based HDDs, and the one I use for work is used for NOTHING ELSE.

In conclusion ...

Ban any NON Corporate machines from access (either through written policy, or through IP/MAC address banning)

Ban home users from installing ANYTHING on the homeworking kit, and back this up by using at least NT/Linux/UNIX, and locking the things down.

Audit the home machines on a regular basis, and at least poke offenders in the eye.

Think about using at least challenge/response tokens for network authentication.

Do not rely solely on the antivirus, unless you like cleaning up after infections.