All University staff (and some students depending on their department) are required to encrypt all Windows and Mac computers, as well as Apple and Android mobile devices that are used by employees on the campus network, including those used for personal use only. A non-compliant device will eventually get blocked from the Stanford network by the information Security Office.
When you enable encryption on your devices, anyone who has physical access to the device will not be able to access your data. Whole disk encryption is recommended, but only after you set up regular backups; if your hardware fails and you do not have a back up, you will lose your data since it is scrambled by encryption.
Please visit encryption.stanford.edu for more information and instructions on this process.