
This has gotten me genuinely curious: I wonder what the safest way to get a document like that onto your own device is. Printing it on a work printer doesn't seem ideal, but I don't really know what the best approach is. Maybe emailing it to an outside address or sharing it as a document via Dropbox or similar? Copying to physical storage? All of those seem fairly easy to monitor as well, though.

If any infosec experts feel like chiming in I'd love to learn more.



Anything done on a corporate machine needs to be assumed monitored. The paranoid approach would be to fully power off the machine, take the hard drive out, then use an independent machine to mount and read the data off that. Now, if they suspect that approach, or they suspect you personally, there will likely be evidence of your hardware tampering. But it would thwart automated mass-surveillance solutions.


Hard drive encryption makes this difficult.


Take photo of screen with phone camera, carry it home, OCR. If you're really paranoid you don't want to send the document's bytes off your system or use any unusual program (e.g. steganography) to edit them.


> Maybe emailing it to an outside address

Easily detected.

> sharing it as a document via Dropbox or similar

If you use a TLS-inspecting proxy/VPN, this will be detected. Otherwise, it depends on how much monitoring is going on, but at best they could suspect it.

> Copying to physical storage?

At my work, USB drives are disabled by MDM.

You could transfer the files over SSH. Even if you have an MitM SSH-inspecting VPN, once the SSH channel is established, you could tunnel a second SSH connection through the established insecure SSH session.

Even then, with enough logging, you could detect that all local files were accessed sequentially, which would raise a red flag.

There's nothing you can do to prevent insider espionage that wouldn't raise false positives and block legitimate work, but you could at least detect it.
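
The detection idea in the comment above (one user reading many local files in sequence), as an added example that is not part of the original thread. The event format, sample data, function names and all thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def sample_events():
    """Constructed (timestamp, user, path) read events; not real log data."""
    t0 = datetime(2024, 1, 8, 14, 0, 0)
    events = []
    # alice: ordinary work, four files in no particular order over 45 minutes
    for i, path in enumerate(["/share/q3/plan.docx", "/share/hr/faq.pdf",
                              "/share/q3/budget.xlsx", "/share/eng/spec.md"]):
        events.append((t0 + timedelta(minutes=15 * i), "alice", path))
    # bob: 40 files read in directory-walk order, one every 2 seconds
    for i in range(40):
        events.append((t0 + timedelta(seconds=2 * i), "bob",
                       f"/share/legal/case_{i:03d}.pdf"))
    return events


def find_sequential_bulk_reads(events, window=timedelta(minutes=5),
                               min_files=25, min_ordered=0.9):
    """Map user -> (distinct_files, ordered_ratio) for the largest window in
    which the user read >= min_files distinct files, mostly in ascending path
    order. All three thresholds are assumed values, to be tuned per site."""
    by_user = defaultdict(list)
    for ts, user, path in sorted(events):
        by_user[user].append((ts, path))
    flagged = {}
    for user, reads in by_user.items():
        start = 0
        for end in range(len(reads)):
            # Slide the window start forward until it spans at most `window`.
            while reads[end][0] - reads[start][0] > window:
                start += 1
            paths = [p for _, p in reads[start:end + 1]]
            distinct = len(set(paths))
            if distinct < min_files:
                continue
            # Share of consecutive reads that move forward in path order.
            ordered = sum(a < b for a, b in zip(paths, paths[1:]))
            ratio = ordered / (len(paths) - 1)
            if ratio >= min_ordered and distinct > flagged.get(user, (0, 0.0))[0]:
                flagged[user] = (distinct, ratio)
    return flagged


if __name__ == "__main__":
    print(find_sequential_bulk_reads(sample_events()))
```

Backup and indexing jobs read files in the same ordered pattern, so a rule like this needs an allow-list of service accounts before it is useful as an alert.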


It will always be a game of cat and mouse. Your protections for leaking are limited to legal whistleblower protections against retaliation, so odds are anything suggested here will potentially be traceable or suspicious, which may invite further scrutiny.



