There are two ways to encrypt the storage of your application. The first is to encrypt the entire storage, and the second is to encrypt only encrypt sensitive data. We recommend them in that order, but we understand that sometimes it is not possible to encrypt the entire storage, so feel free to fallback to Volume Encryption.
If you role requires a Secure Work Environment, you are required to use Full Disk Encryption.
Due to the large space utilization of our projects, the minimum storage size is 50 GB (recommended size: 100 GB).
In any Virtual Machine, you can achieve FDE-like setup by putting the VM image on an Encrypted Volume created using VeraCrypt or similar software.
Use BitLocker - requires a TPM hardware module on non-Pro versions of Windows. You can check if is available and/or configured like this.
Use FileVault.
LUKS is the Linux standard for disk encryption, and most installer tools allow you to use it to encrypt the disk during installation. Please note, the boot partition might not get actually be encrypted, but this is considered acceptable risk.
Due to its ease of use, we recommend VeraCrypt, for which a simple tutorial can be found here.