NIST defines media as Physical devices or writing surfaces including, but not limited to, magnetic tapes, optical disks, magnetic disks, Large-Scale Integration (LSI) memory chips, and printouts (but not including display media) onto which information is recorded, stored, or printed within a system.
The diagram below details the specifics of options for Digital Media:
Note: All solutions for Physical Control Options require users listed on the SSP to match those with access to systems in-scope.
Presented in another way, this matrix provides a little more insight on the expectation:
* Encryption on desktop will cause additional support overhead on desktop systems for which it is installed due to a lower probability for portability.
** Encryption and physical controls offer equivalent protection on their own, and you need only choose one to be compliant.