On a PC, enabling Microsoft's BitLocker encryption is a little trickier. Your PC will likely need to have a Trusted Protection Module (TPM) on its motherboard, but it's often missing on cheaper PCs and even expensive older PCs. And you must be running a Pro, Ultimate, or Enterprise edition of Windows Vista or later. If your PC is BitLocker-compatible, you'll find the BitLocker Drive Encryption settings (called Manage BitLocker in Windows 10) in the Security control panel. In some cases, you can also encrypt external drives.
Click the Turn On BitLocker button in the BitLocker Drive Encryption control panel in Windows (Windows 10 shown at left, Windows 7 at right) to encrypt your boot drive. The most expensive editions of Windows also let you encrypt external drives in the same control panel. (Click on image to enlarge).
Enterprise editions of Windows can encrypt attached USB drives and thumb drives, using the BitLocker to Go tool. But consumer editions can't, so your backups won't be encrypted.
If your PC doesn't support BitLocker, use a third-party encryption tool like VeraCrypt.
Encrypting your communications and cloud-stored data
Encryption works very nicely on your mobile devices and computers, for the data they directly store. But we increasingly store data on cloud services such as iCloud Drive, OneDrive, Dropbox, Box, and so on -- and they are susceptible to access by government agencies. Don't use those services for anything you want to keep truly secret. If you must go with them, consider adopting a tool like VeraCrypt to encrypt their contents.
For your communications, use encrypted communication tools, such as those recommended by InfoWorld's Fahmida Rashid. They'll protect your messages and Web data -- most of the time. Government agencies have hinted that they can access some of these services' encrypted data, but won't say which ones, so there's no 100 percent guarantee of privacy.
Sign up for CIO Asia eNewsletters.