In the past years, encryption has become a key control for protection of integrity and confidentiality of data. Many organizations use encryption technology such as disk encryption provided by the OS with managed keys. I am surprised to see this statement as not allowed per IT Security Policy:
auf einem lokalen Rechner Kryptographie (Verschlüsselung) zu nutzen, außer in den Fällen, die in der Richtlinie zur Klassifizierung von Informationen
(Use cryptography (encryption) on a local machine, except in the cases specified in the Information Classification Policy)
This seems to be an old control to ensure availability. In my view, any organization should make it mandatory to use the corporate encryption solution – and central key management.