Having only a perimeter defense is a bad idea, but knowing who is inside your company’s network is a key component of a solid defensive approach to cyber-security. Over the years, your organization may have allowed access to suppliers, customers, partners and many other groups that are not part of your core employees. Many times, this is done for legitimate reasons and for streamlining communications.
A full audit of access should be completed, and this area should be monitored on a continual basis for potential problems. A company I know had an attack happen that was traced back to some audio visual equipment that was installed on their network, but was accessible with no constraints from the outside. It languished for years and was the entry point for an attack.