In just about any office I can see it being pretty trivial to walk over to a co-worker's PC and insert a USB drive and run a program. It would take seconds, and unless all employees lock their PCs 100% of the time even if they walk away for a few seconds, there isn't much in the way of "opsec" that can stop it (just things like cameras that can find the guilty party after the fact).
Things like disabling USB ports or requiring passwords to be entered constantly for everything would most likely impact the business enough that it would be more harmful than any single instance of stolen IP, and even then they only reduce the likely hood of an attack like this, they don't stop it.
Things like disabling USB ports or requiring passwords to be entered constantly for everything would most likely impact the business enough that it would be more harmful than any single instance of stolen IP, and even then they only reduce the likely hood of an attack like this, they don't stop it.