Of course encrypting CDs, DVDs and media cards is a wise idea! As with any other storage medium, there is always...
a risk that someone in your company could put sensitive data on a DVD and then lose the disk. An enterprise should have controls in place to mitigate that risk, and the best control you can put in place is encryption.
The first step in implementing a more comprehensive encryption program is conducting due diligence. I would suggest beginning with the path of least resistance, and invite your current encryption vendor (or vendors) in to discuss expanding the scope of your encryption program beyond USB, to all writable media. You may find that you are already paying for this functionality, or that getting the extra functionality simply requires purchasing an additional module for one of your current products. Better yet, as an existing customer, it may be reasonably priced to boot. I would also highly recommend including all desktops in the encryption program as well. The highest probability of data loss is from an employee.
If your current vendor's product can't do this, consider migrating to a different vendor product that does it all. Finally, perhaps as a long-term goal for organizations that do use multiple encryption products, I would suggest migrating to a single multipurpose encryption product. This product should be able to disable all USB media and CD/DVD burners, encrypt media and be policy based.
Bear in mind that the more products the organization uses, the more client-based agents are running on every user's machine, requiring resource overhead to maintain.
Related Q&A from David Griffeth, featured expert
Are users at your enterprise creating weak passwords that could potentially lead to serious data breaches? In this identity and access management ...continue reading
Virtualization is a technology that's taking off, but how can information security professionals know how it will interact with their existing ...continue reading
Periodic access reviews for enterprise identity and access management (IAM) can help ensure the necessary personnel have access to essential systems ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.