Re: does EVERYTHING need to be on The Connected Internet? Really?
Time is never that critical and it's easy to have a workstation on segregated network that has no external egress/ingress nearby.
I was an engineer during the 90s and early 2000s before moving into IT. we had such a setup for our clients with high security buildings, draughtsmen were not permitted to transfer files onto any PC on our (then coaxial cable based) network which had a PC connected to the internet. My boss and founder of the company was a little paranoid, think he'd seen "Sneakers".
This was prior to e-mail etc really kicking off and any transfer would have required someone to install a floppy disk drive on their desktop PC anyway, so it was physically impossible for them to do it covertly.
We had 5 CAD workstations on a little LAN connected to an NT server which stored the files for hospitals, airports etc. Everything else was plotted onto vellum and stored in cabinets.
If anyone needed and answer our guys would pull the vellum first and give an answer within seconds as the latest version was always there. These days this would be just as quick by accessing a workstation, it's possible, just not as convenient for staff - and that's a decision which requires backing from the very top of the company.