Just started reading the article but wanted to make a note of something...
...and the absence of any memory card readers. The latter seems like an unnecessary omission as memory cards have become ubiquitous. Surely, business people also use digital cameras, videocams and other devices that require frequent access to memory cards.
From a business PC perspective, I can see why they would leave out the memory card reader... I'm just saying that there could be reasons to not include something as simple as a memory card reader.
By that argument, both card readers and USB ports should be banned because of the security risk?
Yes. SAS70, Sarbanes Oxley, etc pretty much force companies to disable USB, CDR, Floppy, etc to reduce the chance that someone can walk out with company data (financial or otherwise).
In my company I have USB ports forced into read only mode on any PC not used by someone with written authorization to be allowed to take data off the PC. Of course that is a Windows setting (very few PC BIOSes have an option to set USB ports to read only) and booting from the USB drive with linux or winPE would get you access to the drive but it keeps the average worker in our office from trading files all over the place by way of devices that if they were to plug one in they would get written up or fired on the spot. They can still trade files using a network share on the fileserver but they can't take files off the server and out the front door without spending more serious effort. We assume some risk that someone could sneak in a device and put a virus on a PC but hey I'm not going back to PS/2 mice/keyboards.
Any PC with a card reader I just yank the reader out and put a blank faceplate in.
Floppies still work but not every PC has one nowdays and given the time we may just remove the ones that are left.
CDs are not allowed in or out of the building without written approval.
Cameras are similarly restricted.
It'd be worse if we were a public company or a government facility in the next town over.
Short of strip searches coming and going you can't really stop people from taking data out the door nowdays. I've seen USB drives that hide inside of braclets and pens and basically any device you want to put one in that is bigger than your fingernail. And as I said if you can boot from it you can take data off the local hard drive. Assuming you have access to the network you can transfer files from the network to the local drive, then reboot to the USB drive and steal data from there.
But it makes the auditors happy when you staff the security theater