Why don't you have the employer/company set up an access-list that only allows certain host on their end to utilize the VPN connection? If the "stalker" is not using a machine that explicitly allowed to use the connection he will not be able to accce...
