FileVault

When using macOS, the way to get "full disk encryption" is to enable FileVault. This can be easily done in "System Preferences" via the "Security & Privacy" section, which has a tab for "FileVault". An encrypted disk can be accessed either with a login that has permission or with the recovery key. There are options for "institutional" recovery keys as well as certificates and the keychain.

As well as the visual way to check if FileVault is enabled, you can also do it via the Terminal as follows:

  • diskutil apfs list - look for "Mount Point: /" and see if it says "FileVault: Yes (Unlocked)"
  • fdesetup status - gives a nice simple answer
  • fdesetup status -extended - adds a little more info than above

The next question that comes up is, "so where is my recovery key?". Clearly this might be managed by your employer or institution. If it is your personal Mac then hopefully you stored your recovery key somewhere safe, or, possibly better, you stored it in iCloud. You can check this by entering:
sudo fdesetup list -extended
It will prompt for a password, but this is just the sudo prompt. If there is a line with the type "iCloud Recovery Record", then that is a good sign. Next, enter the following command:
diskutil apfs listUsers /
If you can see "Type: iCloud Recovery User", then all is well. However, if you have the recovery key stored separately, so not in iCloud, then you can test that the recovery key is correct with the following command:
sudo fdesetup validaterecovery
It will prompt for a password, but this is the sudo prompt; after that you enter the recovery key. If you get "true" back, all is well.
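
The Terminal checks above can be scripted, for example to report FileVault state across several Macs. The script below is an added example, not part of the original page: the function names are hypothetical, the sample volume listing is constructed and trimmed to the fields used, and it assumes fdesetup status reports "FileVault is On." or "FileVault is Off.".

```shell
#!/bin/sh
# Added example, not from the original page. Parses the text printed by the
# commands above so the checks can be scripted. Function names are hypothetical.

# stdin: `fdesetup status` output. Prints on, off or unknown.
fv_status() {
    awk '/FileVault is On/  { s = "on" }
         /FileVault is Off/ { s = "off" }
         END { print (s == "" ? "unknown" : s) }'
}

# stdin: `diskutil apfs list` output. Prints the FileVault field of the volume
# whose "Mount Point:" is "/", or "not found" if no such volume is listed.
root_fv() {
    awk '/Mount Point:/ { root = ($NF == "/") }
         root && /FileVault:/ { sub(/.*FileVault: */, ""); print; found = 1; exit }
         END { if (!found) print "not found" }'
}

# stdin: `sudo fdesetup list -extended` output. Prints yes or no.
has_icloud_record() {
    if grep -q "iCloud Recovery Record"; then echo yes; else echo no; fi
}

# Constructed sample of two volumes, trimmed to the fields used here.
sample_apfs() {
    cat <<'EOF'
|   |   Name:                      Data
|   |   Mount Point:               /Volumes/Data
|   |   FileVault:                 No
|   |   Name:                      Macintosh HD
|   |   Mount Point:               /
|   |   FileVault:                 Yes (Unlocked)
EOF
}

# On a Mac, report the live state; elsewhere, run the parser on the sample.
if command -v fdesetup >/dev/null 2>&1; then
    echo "fdesetup: $(fdesetup status | fv_status)"
    echo "root volume: $(diskutil apfs list | root_fv)"
else
    echo "sample root volume: $(sample_apfs | root_fv)"
fi
```

To check for the iCloud record on a Mac, pipe the output of sudo fdesetup list -extended into has_icloud_record.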