I think the OP is trying to overcome a lack of physical security with a form of hardware solution to prevent people from accessing mass storage devices. We use endpoint security software. It lets users plug in anything they like, but if it hasn't been authorised, the OS can't access it.