
Comment Re:Why not just use TrueCrypt? (Score 1) 237

Benefits are as follows:

1. The unencrypted portion of the disk (boot record) can still be tampered with:
   a. planting passphrase-stealing code in boot code for later retrieval
   b. brute-forcing the passphrase

2. The user might only need to type in a short PIN number rather than a long passphrase. Often, the weakness of an encryption solution isn't the encryption, but bad practices on the part of the user, including bad passwords. A hardware-based solution means that a strong, cryptographically random password is generated, and then unlocked by a weaker password/PIN. However, the hardware chip restricts the number of guesses an attacker can make, meaning the entropy of the password/PIN is less relevant.

4. Resistance to "cold boot" attack. This attack exploits the fact that the contents of RAM can be read even after shutting down a machine, meaning that cryptographic keys held in RAM can be obtained. Hardware-based full disk encryption (FDE) solutions retain the key (in a safe, tamper-resistant memory cache) rather than ever copying it to main memory.

Ultimately, the reason for the focus on hardware-based FDE has a lot to do with economics and little to do with conspiracy theories. Private enterprise knows that government and corporate mandates to secure mobile media mean that the demand for FDE will rise. Companies that are responsive will flourish; others will lose market share. Solutions that are later found to fail or have a backdoor in any form will be subject to massive liability, such as lawsuits, as well as massive divestment. It's economics, not geekdom, that is driving hardware-based FDE.
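The mechanism in point 2 of the comment above, as an added example that is not part of the original comment: a toy software model of a chip that holds a random disk key, releases it for a short PIN, and locks after a fixed number of wrong guesses. The class and function names, the limit of 5 attempts, and the PBKDF2 parameters are assumptions for illustration; a real chip enforces the counter in tamper-resistant hardware.

```python
import hashlib
import hmac
import secrets


class PinGatedKeyStore:
    """Toy model of the chip: holds a random disk key, releases it only for the right PIN."""

    def __init__(self, pin: str, max_attempts: int = 5):  # limit of 5 is an assumption
        self._disk_key = secrets.token_bytes(32)  # strong random key, never user-chosen
        self._salt = secrets.token_bytes(16)
        self._pin_hash = self._derive(pin)
        self._max_attempts = max_attempts
        self._failures = 0
        self.locked = False

    def _derive(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 10_000)

    def unlock(self, pin: str):
        """Return the disk key on a correct PIN, None on a wrong one; raise once locked."""
        if self.locked:
            raise PermissionError("too many failed attempts; key store is locked")
        if hmac.compare_digest(self._derive(pin), self._pin_hash):
            self._failures = 0
            return self._disk_key
        self._failures += 1
        if self._failures >= self._max_attempts:
            self.locked = True  # from here on even the correct PIN is refused
        return None


def guess_success_probability(pin_digits: int, max_attempts: int) -> float:
    """Chance that distinct guesses hit a uniformly random PIN before lockout."""
    return min(1.0, max_attempts / 10 ** pin_digits)


def guess_until_lockout(store: PinGatedKeyStore, pin_digits: int):
    """Walk the PIN space in order; return (key or None, guesses the store accepted)."""
    attempts = 0
    for guess in range(10 ** pin_digits):
        try:
            key = store.unlock(f"{guess:0{pin_digits}d}")
        except PermissionError:
            return None, attempts
        attempts += 1
        if key is not None:
            return key, attempts
    return None, attempts
```

With a 4-digit PIN and five attempts, `guess_success_probability(4, 5)` is 0.0005, which is why the attempt limit rather than the PIN's entropy bounds the guessing risk in this model.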

Comment Use random string of characters (Score 1) 189

This is really old news, but a useful reminder that wireless access points should employ non-dictionary passphrases. To defeat even the most sophisticated password-guesser (one that combines dictionary-based and brute force password guessing), you can use a completely random password, such as one generated by this FOSS utility: http://www.codeguru.com/csharp/csharp/cs_misc/security/article.php/c14557/

Comment many options available (Score 2, Insightful) 125

Many options are available in addition to the 3 you've mentioned. The "best" choice depends on many factors, such as scalability, cost, and risk. TrueCrypt is free, but really isn't ready for enterprise use. As someone mentioned already, hardware-based FDE (like Seagate's Momentus drive) may very well be the most secure, but requires additional hardware acquisition and a time investment. BitLocker is an option, but requires upgrading to Enterprise or Ultimate (which can be done in-place, without a significant time investment, if I'm not mistaken).

Many other software-based products are out there, such as (off the top of my head) PGP WDE, Secude, WinMagic/SecureDoc, etc. The best option for your boss and your organization depends on multiple factors, factors that Slashdot readers are not privy to.
