The cheapest secure option with built-in software is probably SSH port forwarding of RDP. If you have to, you can have an SSH client connecting out from the laptop, reverse port forwarding back from a server you control.
Ideally you'd configure RDP to only listen on loopback.
Any software solution would be detectable to all the corporate monitoring tools vs. hardware as discussed in the article (which I guess someone could figure out via USB/device IDs but seems less likely to be noticed than open ports/RDP connections).
Ideally you'd configure RDP to only listen on loopback.
Any software solution would be detectable to all the corporate monitoring tools vs. hardware as discussed in the article (which I guess someone could figure out via USB/device IDs but seems less likely to be noticed than open ports/RDP connections).