In Windows, I always recommend to use the built-in BitLocker encryption. You need to have an Enterprise-version of Windows 7 or any version of Windows 8 or Windows 10 to be able to use it. The problem that I mostly face is people calling me and asking me to come and help them implement BitLocker in their environment. I always reply "you're too late" as an easy to administer, cost-effective to implement and secure BitLocker implementation starts by choosing the right PC hardware.
My number one instruction on this matter is: Never choose laptop models with PCI-Express, Firewire or ThunderBolt connections. All of them support Direct Memory Access (DMA) which is the biggest enemy of any encryption or security technology.
When implementing BitLocker, aim for TPM-only scenario described by Microsoft. That's perfect for 95% of customers if deployed correctly and it's both secure and easy to manage.
Remember: if you don't have hard drive encryption on your Windows box, it gets hacked with a single command that can't be prevented by any anti-malware solution out there.