Smells like the IT department of BigCo or public agencies to me. Been there, seen that. Literally terabytes of Debian binary packages transferred by hand with USB keys and disks between the dev network and the secure network.

Oh, and the USB serial numbers of the keys had to be whitelisted on the secure network. What a fun that one was. They didn't even stop doing that after I showed them that I could modify the firmware of some of the sticks using software from some obscure Russian site and thus bypass the control...

(Does anyone know by chance how that website is/was named? All I remember is that it held hundreds of manufacturer tools for all kinds of USB stick controllers/flash chips)

I work in the public service industry - many of the systems I work on are isolated from the internet, and from other networks even - so I often have to sneakernet software updates and other things around to all these various machines. The no network thing is reasonable when you consider the requirements these systems operate under - its also an easy way for folks with no system administration abilities to ensure some security and stability.