"Just a thought."
Yes... apart from the bit about Raspberry Pis (you really need to think about running an enterprise infrastructure), what you have described is a sort of vague first guess at how it is done in reality. It's an old-fashioned approach with an emphasis on perimeter defence. However, as you describe it, it's both unworkable and impossible to maintain.
A similar concept can be found in "information kiosk" type delivery where some trusted (but not very trusted) party wants access to sensitive data. The systems will be configured to permit the user to work in a virtual environment and have access to only those resources that they need for their work. There will be no export route. There will also be a lot of other stuff that I'm not going to go into detail about that is used to detect anomalous behaviour. This is expensive provision and it's only worth doing if the assets to be protected are of high value.