This is by no means a simple question. A simple google search may give you some options, but developing the criteria alone to make an effective decision on a solution that fits your environment is a difficult process.
There are several factors to consider such as key management, removable media protection, cost, multiple user logons, and reporting/auditing. Do you want to deal with the VP that changed the pre-boot password so no one else could get their data, then forgot it the next day? If you are using Truecrypt your answer is "did you back it up?". Will you really regret a solution that does not address removable media if that same VP has her sensitive stuff backed up on a USB drive that isn't encrypted inside the laptop bag that gets stolen with the laptop in it. This is a very complex issue; a simple google search can't give you that answer.
I attended a SANS "What Works, Mobile Device Encryption" last year as part of my organizations search for a FDE solution. There are a number of solutions that I didn't see mentioned here. Some googlefu should get you a large selection of products that can meet the minimum criteria. We ultimately went with Utimaco Safeguard Enterprise. It was definitely the best choice for our organization. It even assists with key management for Bit Locker for data recovery.
Depending on your needs you may even want to consider Credant which is a file based over whole disk encryption. It does meet most organizations' requirements for protection and streamlines support.
The real question you should ask is how do I develop the criteria for selecting a product?
Depending on the number of computers you are concerned with protecting you may want to just move with Truecrypt as a CYA and then reconsider as time permits. It is paramount that you educate your users about their data as part of the process. Otherwise your efforts are futile.
Slashdot Mirror
There are several factors to consider such as key management, removable media protection, cost, multiple user logons, and reporting/auditing. Do you want to deal with the VP that changed the pre-boot password so no one else could get their data, then forgot it the next day? If you are using Truecrypt your answer is "did you back it up?". Will you really regret a solution that does not address removable media if that same VP has her sensitive stuff backed up on a USB drive that isn't encrypted inside the laptop bag that gets stolen with the laptop in it. This is a very complex issue; a simple google search can't give you that answer.
I attended a SANS "What Works, Mobile Device Encryption" last year as part of my organizations search for a FDE solution. There are a number of solutions that I didn't see mentioned here. Some googlefu should get you a large selection of products that can meet the minimum criteria. We ultimately went with Utimaco Safeguard Enterprise. It was definitely the best choice for our organization. It even assists with key management for Bit Locker for data recovery. Depending on your needs you may even want to consider Credant which is a file based over whole disk encryption. It does meet most organizations' requirements for protection and streamlines support. The real question you should ask is how do I develop the criteria for selecting a product?
Depending on the number of computers you are concerned with protecting you may want to just move with Truecrypt as a CYA and then reconsider as time permits. It is paramount that you educate your users about their data as part of the process. Otherwise your efforts are futile.