If you wanna go a little bit more paranoid, use a dedicated host to virtualise those machines and connect to the host via RDP/whatever, that should create another layer of safety.
You may want to connect via a VM, there is a CVE for remote execution in FreeRDP from compromised server. In general anything doing video, image, or audio decompression should be an assumed vector.