Dear Savita,
Each company wants to protect the data of their company and it appears your company also wants to curb the data leakage. To do this your company wishes to "ban" (not band) the external media like a pen drive.
However, the question is why your IT department cannot disable the USB drive itself? If the USB drive is not disabled then anyway the data can be copied by connecting the mobile instead of the USB drive?
What about data transfer through Bluetooth? Since the bluetooth operates wirelessly, no one will come to know even if the data is being transferred.
What about accessing personal email ID? Has your company disabled it? If there is access to the personal email IDs then data leakage will be very smooth.
What about some smart chap taking printouts of the important information and then scanning the printouts on his mobile? Nowadays "Image to Text" Apps are available. The data can be copied anyway.
In view of the above, before issuing the circular, think from all the sides. Protecting data is very difficult and it requires a lot of investment to create that kind of infrastructure.
Thanks,
Dinesh Divekar