Usage tip: If a hacker--or, say, just a nosy coworker--acquires access to your computer when an encrypted volume is mounted and the person has the ability to see the volume as a drive, the snoop will be able to read or copy files from the volume just as they would from an unencrypted drive; they may not even know that the drive is encrypted. If the encrypted data is not mounted, however, it appears as an undifferentiated lump of random characters. The following two utilities, BestCrypt and TrueCrypt, both support options to dismount a drive automatically after a user-defined period of inactivity.
Jetico's ($60, free trial) is a commercial encryption package. In its basic form, it offers only container-based encryption; full-disk encryption costs more. BestCrypt contains tools to organize your containers into groups, so you might have many small containers with different passcodes, instead of one big container. , a free and open-source (donationware) product, lacks such organizational features (though you can make as many volumes as you like), and has a more spartan interface; it gives you full-disk encryption, however, as well as features designed to keep data secure even if you're forced to provide a key. A detailed documentation file covers not just usage information but also explanations for what TrueCrypt does and how it works, letting users make informed decisions about settings and options.
Another free encryption tool, (On The Fly Encryption), has several features designed to make it particularly useful for situations in which you can't install the software: a "portable mode," which requires administrator access but no installation, and a separate but compatible (can read the same encryption) program called that needs no drivers at all. Speaking of drivers, FreeOTFE will work on 64-bit Vista and Windows 7 systems, but because its drivers are not signed and thus run afoul of Windows security, you must jump through quite a few hoops to get them to work, most of which require disabling driver-signature verification.
All of the disk-encryption programs mentioned above support the , which is currently considered to provide a balance between speed and resistance to attacks based on tweaking data. In addition, many companies consider compliance with an IEEE standard to be a "checkmark" item when evaluating software. Each of the utilities supports other encryption formats as well; it's best to study your options and understand the strengths and weaknesses of each format, depending on your needs. For most users the default choices will be fine.