Plenty of organisations enforce "no USB devices" on all their users. Not even super secure places, but just many regular admin-type office workers get their USB ports disabled in software.
Partly it's to prevent leaking of company secrets, unauthorized use of corporate devices for home use, harder to track the location of data, as well as the possibility of malware.
> Interesting. So no USB camera, headset, etc either?
My workplace has a policy of no USB storage devices (though you can request an exception). By default, other USB devices work, and storage devices are mounted as read-only.
I don't think the goal is so much system security as preventing data breaches/data exfiltration.
I work in finance, and this sort of setup is pretty common. Yes, I have a USB headset and camera for calls. My USB keyboard and mouse work just fine. If I plug my phone in, best I can do is charge it (slowly), so I use a wall-plug charger instead.
I could easily bypass the policy since I have the permissions to do so, but I won't. Working in the trading/hedge fund space, it's not unheard of to see employees sued for stealing trade secrets (quant models, for example). One only needs to search "citadel sues former employees" for examples.
edit: former Citadel employee; have not worked there in over a decade.
Partly it's to prevent leaking of company secrets, unauthorized use of corporate devices for home use, harder to track the location of data, as well as the possibility of malware.