It's something we considered, but grafting it into the existing set-up didn't seem like it was worth the time invested, whereas the chef work Ced did not only made us actually more secure (with SSL), it also ticked a box on our security audit.
We're making plans for the next stage of our production platform just now, and will revisit all this stuff then.
My piece of advice: use OpenVPN for remote workers and even for connecting those "public" servers outside your production network.
It's really worth it.