Potholes are an unavoidable fact of life on asphalt roads that exist in climates that experience Winter. Not a single asphalt road in my city has survived it's first Winter/Spring after being repaved during my lifetime. Some of our highways are completely concrete, and they usually look great for several years with only some minor maintenance needed. The constant freeze/thaw cycles and snow plow blades just aren't friendly to road surfaces.

Some of us are subject to regulatory compliance and/or PCI-DSS. Accessing anything on my internal network from outside without two-factor authentication that is logged is a sure way to fail many kinds of external audits.

Requiring the use of a VPN defines the single point of entry into your network. That's one point to monitor, secure, and administrate; not one for every server you want access to over the public Internet.

Your main block for remote access to a company's internal network is more likely to be the vendor's operating system support, not company IT policy. The two VPNs I manage both support Windows, Macs, and Linux with (mostly) the same code. Unfortuantely that means it's Java based, and it has been very problematic because of that. On people's personal Linux installs, a combination of not following instructions and the version of Java they're running virtually guarantees that it won't work for them the first few times, if ever. In the case of Apple, every time they touch something in Safari or Java it screws up the applet in some way, requiring a reinstall of the program or waiting on a client patch for the VPN. The Windows version certainly isn't perfect either, but the issues there are known and easily fixable.