Laptops put in "sleep" mode, as opposed to shutting them down completely, can render encryption products ineffective. – Winston Krone, managing director, Kivu Consulting
Health care organizations are now routinely installing full-disk encryption on their employee laptops. However, most of the leading encryption products are configured so that once the password is entered, the laptop is unencrypted (and unprotected) until the laptop is booted down. Simply putting the laptop into "sleep" mode does not cause the encryption protection to kick back in. A laptop that is lost or stolen while in "sleep" mode is therefore completely unprotected. Employees should be clearly advised to completely shut down their laptops before removing them from the workplace (e.g. when taking them home for the evening) and to only use the full shut down function, rather than "sleep" mode, when traveling or leaving their laptop unattended in an unsecure environment. This policy should be strictly enforced and audited.