Hardware Encryption Capabilities for Apple Hardware
What
Apple devices can report hardware encryption details through MDM. These values help confirm whether a device supports block-level encryption, file-level encryption, or both.
When/Why
FileWave can report Apple's HardwareEncryptionCaps value as part of the MDM security information returned by supported devices. Apple documents this value in the SecurityInfo response: https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo.
How
- Hardware Encryption Capabilities reports supported encryption for iOS 4+ and tvOS 6+ devices.
- Passcode Present helps determine whether data protection is active on iOS 4+ and tvOS 6+ devices when read together with Hardware Encryption Capabilities.
- Is Recovery Lock Enabled reports whether Recovery Lock is enabled on Apple silicon Macs running macOS 11.5+.
Digging Deeper
HardwareEncryptionCaps is an integer that indicates the underlying hardware encryption capabilities of the device, which is one of the following values:
- 1: Block-level encryption
- 2: File-level encryption
- 3: Both block-level and file-level encryption
This value is available in iOS 4 and later, and tvOS 6 and later.
For a device to have data protection, HardwareEncryptionCaps must be 3 and PasscodePresent must be true.
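The rule above can be checked directly against a device's SecurityInfo response. The following is an added example, not FileWave or Apple code: it parses a response plist and reports the encryption capability and whether data protection is in effect. The function name `assess_security_info` and the sample responses are constructed for illustration; a device that does not report both keys is treated as undetermined rather than compliant.

```python
import plistlib

# Meaning of each HardwareEncryptionCaps value, as listed above.
CAPS_LABELS = {
    1: "block-level",
    2: "file-level",
    3: "block-level and file-level",
}


def assess_security_info(response_plist: bytes) -> dict:
    """Evaluate one MDM SecurityInfo response (hypothetical helper).

    data_protection is True or False when both keys are reported,
    and None when the response does not allow a verdict.
    """
    response = plistlib.loads(response_plist)
    info = response.get("SecurityInfo")
    if not isinstance(info, dict):
        # For example, an error response that carries no SecurityInfo.
        return {"capabilities": "not reported", "data_protection": None}

    caps = info.get("HardwareEncryptionCaps")
    passcode = info.get("PasscodePresent")
    # bool is a subclass of int in Python, so exclude it explicitly.
    caps_ok = (isinstance(caps, int) and not isinstance(caps, bool)
               and caps in CAPS_LABELS)
    label = CAPS_LABELS[caps] if caps_ok else "not reported"

    if not caps_ok or not isinstance(passcode, bool):
        verdict = None  # missing or malformed key: do not assume protection
    else:
        verdict = caps == 3 and passcode
    return {"capabilities": label, "data_protection": verdict}


def _sample(security_info: dict) -> bytes:
    """Build a constructed sample response (not captured from a device)."""
    return plistlib.dumps({"Status": "Acknowledged",
                           "SecurityInfo": security_info})


SAMPLES = {
    "protected": _sample({"HardwareEncryptionCaps": 3, "PasscodePresent": True}),
    "no_passcode": _sample({"HardwareEncryptionCaps": 3, "PasscodePresent": False}),
    "block_only": _sample({"HardwareEncryptionCaps": 1, "PasscodePresent": True}),
    "caps_missing": _sample({"PasscodePresent": True}),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, assess_security_info(raw))
```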