The notion of forcing (internal) users to submit via the Intranet server seems pretty sound, but the notion of letting employees work from outside is less so... even if you do VPN or something similar.

re your (IP) isn't spoofable is it??: If not today, wait a few seconds. I wouldn't want to bet against it being an easy do today. cf annonymiser, etc. which appear readily adaptable.

and re What if I want them to be able to do this from home and not on our network?: In the famous words of the (allegedly) prototypical New Yawker, "fergeddiboudit!" For one thing, one frequently high priority consideration for running an intranet is SPECIFICALLY that you don't want a user from outside your firewall playing inside your (proprietary) workspace -- to which I'd add "even if you THINK you know who it is."

On the other hand, your outside server (RH) uses a fairly sound encryption scheme to validate those with accounts; one would think you might be able to avoid posting a (generic meaning) database to validate those authorized to change content. But on the third or fourth or fifth hand, what is the PHB's level of risk tolerance?

UPDATE But, see Tank's (++) below!