Interesting, I'm just writing a fictional story about insider threat
, I will be posting part 10 tonight.
One thing you hear very often is that 80% of all the attacks come from the inside. But what you seldom see are facts backing up that number. Richard Bejtlich has written about it on his blog several times, the last post was just a few days ago: Again, External Threat Is More Prevalent
. Almost all facts I've seen says that the 80% rule of the insider threat is a myth.
I agree what you say regarding eggshell security, however if the employees have unrestricted access that can easily be used by a random attacker. An employee who doesn't know what he is doing can install some malware or trojan which lets the attacker in. One the attacker has controll of the employees workstation the rest of the network is at risk.