[masom]

That's not very useful for your CEO/CTO/CFO/sales/etc when they are offsite or traveling.

[KekDemaga]

A VPN resolves this issue and provides encryption and authentication.

[actsasbuffoon]

A VPN is non-trivial to set up correctly. Have you set up an internal DNS to prevent leaking the domains from requests? How about IPv6 leaks? There are many things to consider, and I wouldn't trust a random programmer to do it correctly.

[theossuary]

I wouldn't trust your programmer much at all if they couldn't configure OpenVPN with correct DNS settings, given some time.

[KekDemaga]

Many good resources exist: https://www.linode.com/docs/networking/vpn/set-up-a-hardened...