Defence in death
"Defence in depth" (or "defense in depth", if you're American) is a frequently misunderstood term in security.
It refers to designing your software with the assumption that layers above you that were supposed to protect you have failed to do so - in whatever manner is most inconvenient to your application.
As Steve Riley points out, it's not the same as simply applying the same measure at a couple of different places - it's about assuming that the measure above you failed.
An example is "my firewall restricts external traffic from reaching me" - that's a first layer of defence. The second layer of defence might be "my application requires a user-name and password". It's defence in depth, because even if an attacker can fake traffic through your firewall, he'll have to come up with a password that works.
I'm starting to think about laptop encryption as being "defence in death".
It's long been a statement in computer security that "if the attacker has physical access, it's 'game over'".
That's true - if you're talking about a system that provides a service - as usual, you have to talk about what you are securing.
Your server rooms are generally susceptible to a guy with a chainsaw - physical access means loss of service; ergo, security problem. You fix this problem with strong physical security.
Your servers, if they can be stolen, are susceptible to being cracked open by hackers who want to pull the data from them; ergo, security problem. You fix this with strong physical security (plus an appropriate hardware retirement procedure that includes degaussing the disks, shredding them, and lightly sprinkling them with thermite).
Your laptops can be stolen even more easily, and can be similarly opened up to hackers who want to read their data. Again, this is a security problem.
You can't solve it with physical security.
In fact, with security designs for laptops, you pretty much have to start with the assumption that physical security is impossible - and what can software security do for you, if the hacker can simply prevent your software from running?
This is where "defence in death" comes about - by making the system only usable while it is alive and running, by encrypting it with a key that is not stored locally, you make it functionally impossible to use or read the system unti you have brought the system to life.
And while the system is alive, it can actively protect itself.
Encryption is a lovely thing. Be careful to understand how you use it.