Learn why at rest encryption doesn't mean encryption when your laptop
There are many steps you can take to harden a computer, and a common
recommendation you'll see in hardening guides is to enable disk encryption.
Disk encryption also often is referred to as "at rest encryption", especially
in security compliance guides, and many compliance regimes, such as PCI, mandate
the use of at rest encryption. This term refers to the fact that data is
encrypted "at rest" or when the disk is unmounted and not in use. At rest
encryption can be an important part of system-hardening, yet many
administrators who enable it, whether on workstations or servers, may end up
with a false sense of security if they don't understand not only what disk
encryption protects you from, but also, and more important, what it doesn't.