This article might be nearly two years old, but it has never been more relevant than now. I strongly urge everyone, especially my customers and family, to always encrypt their PC with a certificate. Yes, a certificate, not a BIOS or bootloader password, those are useless and easily to bypass. This should be mandatory for any business devices, especially during the times where BYOD is a hype. And don't forget that a certificate is equally useless if you carry it with you or even use an empty or easy to guess passphrase. Always keep the USB stick with the certificate separate from your own baggage or hand luggage.
A forensic copy of a HD (not SSD) takes about an hour, a SSD is only a matter of minutes. So if they ask you for your laptop and take it out of your reach, you must treat it as being compromised.
Read more details on Vice.com