NOTE: Your company may have alternate specific guidance for how you should encrypt your hard drive - please check with your IT and compliance teams.
Open System Preferences, then click on Security & Privacy
Click on the FileVault tab
If FileVault is not turned on, click the "Turn On FileVault…" button
You may need to click the lock in the lower left corner to make changes
You should see the following if FileVault is enabled:
On Windows Professional 10 and Windows Professional 11:
You may want to follow the steps to Turn on standard Bitlocker encryption provided by Microsoft.
Locate the hard drive you want to encrypt under “This PC” in Windows Explorer.
Right-click the target drive and choose “Turn on BitLocker.”
Choose “Enter a Password.”
Enter a secure password.
Choose “How to Enable Your Recovery Key” which you’ll use to access your drive if you lose your password.
Choose “Encrypt Entire Drive.” This option is more secure and encrypts files you marked for deletion.
Click “Start Encrypting” to begin the encryption process.
NOTE 1: BitLocker is not available for Windows Home Edition.
On Ubuntu Linux:
Resources with detailed instructions for encrypting your hard drive for those utilizing Ubuntu:
NOTE: You will need to manually upload evidence of disk encryption on Linux when using the Drata agent. See this article for more details.