Author Topic: Recommended Security/Encryption suite  (Read 9209 times)
tux633k
« on: June 30, 2010, 07:27:41 PM »

Hi, I wasn't sure if I should post this topic here, but in any case I was wondering if anyone has any recommendations on an encryption software suite to do it all - encryption/decryption, pwd mgmt, USB encryption, etc.  I just don't want to break the bank, so to speak.  I'd like for it to be affordable, but I might be asking for too much already.  We're a small shop of about 100 employees, but I may not need to encrypt everyone's system, just those that deal with sensitive/confidential data.  From what I read, I like the GuardianEdge software, but I don't know how much this costs.

Thank you.

CEH, MCP, CSCS, CHP
sil
« Reply #1 on: July 01, 2010, 07:25:54 AM »

The problems you WILL run into will be the management of the suite and user-end training. An issue with simply allowing users to run their own "privacy suite" is when their employment comes to an end. What will you do if you don't have the ability to decrypt what an employee encrypted?

Imagine for a minute having a top scientist at your company. He discovers the cure for Foobalia, a terminal disease. He's been taught to encrypt everything he does and does so. He passes away... He leaves for another job... He is arrested... *Something* happens where you need that data. What are you going to do? How much time and money will it cost you to attempt to recover that data?

Let's look at the alternative. 100 Employees. You will need to train them all, mandate they all use it, configure it, maintain it. So you think... "rescue disk!"

RD = Rescue Disks
M = Minutes

100(RD) * 20(M)  = 2000 / 60 = 33 hours to configure

There is a hidden slash un-thought-about cost factor here. You could (if properly) deploy a script to autodownload, install, back-up the program. However, there is still management and user-end training.

On the low end of the pricing spectrum there is Steganos which doesn't allow for *true* enterprise scalable configuration.
http://www.steganos.com/us/products/data-security/privacy-suite/overview/

Then there is something like Voltage (http://www.voltage.com/products/index.htm) where all is centralized, including being able to send out emails where the receiver (even if they don't have, say, PGP) could decrypt. Key management is made simple so you don't run the risk of, say, rogue employees changing keys/passphrases, etc.

Voltage at the end of say a 3-5 year lifespan will eventually come out cheaper via terms of configuration, deployment, usability, not to forget that if someone leaves, you won't shoot yourself in the foot wondering whether or not your data is gone (encrypted beyond the point of no return).

yatz
« Reply #2 on: July 01, 2010, 08:15:51 AM »

I think a combination of Rights Management (RMS) and Bitlocker.  Again, it depends on your environment, but if you are running Windows then this kinda stuff comes with Vista/7 and Windows Server 2008.

"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH
former33t
« Reply #3 on: July 06, 2010, 06:38:39 PM »

I'm with Sil on using Voltage.  They simplify key management and data recovery, which will be your biggest concerns in any company of more than say five employees...  A truly stable PKI implementation for a company of your size will cost a LOT to deploy in terms of man hours. I have to assume that you have a full time job before trying to develop and deploy a PKI, so something that is more or less plug and play is probably your best option (as it doesn't sound like you have enough people to justify a consultant to deploy the infrastructure for you).

Whatever you do, don't cut corners.  A bad PKI design likely makes your information MORE vulnerable.  People start to consider all critical information being encrypted as a mitigating factor for other vulnerabilities (which it really isn't).  Then people leave holes open that they wouldn't otherwise.  Bad situation all around.

Good luck.

Certifications: CREA, MCSE: Security, CCNA, Security+, other junk