Data Loss Prevention

We use planning to use Network Discover to scan Windows file shares and I recently got a question about how secure the actual scan is.  I'm looking for any additional information from Symantec or another user that has gotten the same question.

The concern is the SMB connection used when Discover is reading files will expose those files in clear text on our network.  Are there additional controls/mitigating factors I'm not aware of (understanding the risk is lowered because scans are done internally and communication is encrypted between Discover and Enforce)?  Specifically in our environment this may be a policy violation since the most sensitive data (such as customer password and login combos) must be encrypted internally in transit.

Thanks in advance!

Well,
The connection from the Discover server to the file server is standard SMB protocol use.
The information kept on the Discover server is unreadable, and it is transfered using secure connection to the Enforce server. The Enforce server, encrypts the data and stores it in its database.
If the information is kept on your file server unprotected, and every user can reach that data, I can't see the difference when using the Vontu Discover. From my point of view, it is better to know that the data is there and act accordingly than not using Discover scans.

If you will be more specific, I will be able to give you a more direct response.

Kind Regards,
Naor Penso