Most of the people I talk to are very concerned about hacking from the outside. The target that is much easier to hit is the remote office. The remote office typically are in locations with people who want to be helpful. How easy would it be for someone to dress up like the phone company and gain access to a remote server room? Talk to your remote offices about security and establish a security awareness program.