As long as you could identify users on the basis of...
Group A - everybody in subnet (say) 192.168.0.0/24
Group B - everybody else
then it would be *possible* to modify the course rendering code to restrict certain courses to certain groups. However, it's nasty.
It sounds like a step back is required. What happens if someone comes into work, downloads the (restricted) material onto a memory stick and then takes it home? All your effort has been for nothing!!
Alternatively, have you considered restricting the whole Moodle site and implementing a VPN. Home users need to authenticate against the VPN to access the site.