I am sure everyone has heard about and watched the YouTube video of the Princeton researchers that conduct cold boot attacks on encrypted hard disks. If you haven’t, I highly suggest you do. As everyone agrees…this is a very significant vulnerability and every organization that uses software to encrypt hard disks should look at ways to mitigate this new risk.
There are a ton of articles already about this new threat so I won’t bore you with the details…however, I have found one posted by Rich over at Securosis.com that sums up the entire issue and what risk this might have for your organization.
One thing I would like to highlight in his article is that you should contact the vendor of the hard disk encryption product you use to see if they plan to address this new vulnerability. It will only be a matter of time until the first tool is out there in the wild and actively exploited on stolen laptops.