The Security Breach
Using the methods delineated in the scenario above, it's now possible to perform corporate espionage, bypass corporate security policies, and affect the overall productivity of an organization.
For example, with applications such as Proxytunnel and HTTPort, a desktop user can easily allow people behind a proxy server (which allows only web surfing) to tunnel out any TCP/IP application using SSL and/or SSH, which makes it nearly impossible to detect the contents of the traffic with a packet sniffer.
Misconfigured proxies inside the LAN/WAN can also allow unauthorized users to tunnel into your network. If a customer, vendor, or employee accesses internal LAN/WAN resources and has or is a virus, worm, or simply a user with malicious intent, and the virtual private network (VPN) drops the user inside the LAN/WAN with no firewall or other controls, it's very possible that you could be allowing data into or out of your network that could result in a lot of damage.
Data smuggled out of an organization may reveal what should be protected: HR records, internal schedules, and so on. Bypassing the security policies in place could also be embarrassing if an internal or external entity exploited a proxy or VPN to post damaging false information to message boards and other areas that showed the information originating from inside the corporate firewall.
The impact to productivity can be everything from overuse of bandwidth for illicit purposes to reduced morale because fake email messages were sent through the corporate mail server to cause dissent inside and outside the organization, not to mention other mischief such as deleting or modifying files.
The Internet Society has posted a good paper on the subject of tunneling and the many ways it can be used to compromise a network.