Blocking USB access is a security/privacy issues that primarily Corporate uses must contend with.
While the firewall will shield network access, USB devices
can be used for several purposes, some ligit and others nafarious:
USB thumb drives
can be loaded with software to be installed on multiple systems
used to take work home and return updated documents
Also
can be loaded with spyware, ad-ware, trojans
can be used to steal intellectual property or client records
Even though you lock down USB access, there's still the problem of who do you trust?
Even your best long-term admin or CIO (Chief Information Officer) can turn to the
dark side at a moments notice (it's called while collar crime).
There is no simple solution for all combinations of trusted/untrusted users,
allowed/unallowed USB devices.