It sounds bad safety practice to me. Safety is safety, it should not depend on location of the user. It's better when access to safety-sensitive data is based on secure authentication; if some people leave the office permanently (resign from work, for example), you can revoke the user profile record. However, you decide.
You can always checkup the client IP in all the HTTP requests:
https://msdn.microsoft.com/en-us/library/system.web.httprequest.userhostaddress%28v=vs.110%29.aspx[
^].
Based on the IP, you can figure out that the user sends the request from the office and give this person additional privileges, denying them in all other cases.
—SA