Don't treat users like children
I understand the need to prevent people from connecting insecure hardware to the network to keep unwanted malware out, but blocking users from access to company information over concerns about what they might do with it seems to me to be counterproductive.
In my work email, I only have access to information that I can get at in other ways as part of my routine job. Either the company trusts me to handle that data as part of my job or they don't. If I'm not trusted, I wouldn't be doing the job. If I'm trusted to handle sensitive data in every aspect of my job except for some obstructivist IT policy, the effect of that is not going to be to make me treat data security seriously, it is simply to make me feel contempt for IT.