# Hardware Encryption Capabilities for Apple Hardware ## **What** Apple devices can report hardware encryption details through MDM. These values help confirm whether a device supports block-level encryption, file-level encryption, or both. ## **When/Why** FileWave can report Apple's `HardwareEncryptionCaps` value as part of the MDM security information returned by supported devices. Apple documents this value in the SecurityInfo response: [https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo](https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo "Follow link"). ## **How**
- **Hardware Encryption Capabilities** reports supported encryption for iOS 4+ and tvOS 6+ devices. - **Passcode Present** helps determine whether data protection is active on iOS 4+ and tvOS 6+ devices when read together with Hardware Encryption Capabilities. - **Is Recovery Lock Enabled** reports whether Recovery Lock is enabled on Apple silicon Macs running macOS 11.5+.
## **Digging Deeper** HardwareEncryptionCaps is an integer that indicates the underlying hardware encryption capabilities of the device, which is one of the following values:
- `1`: Block-level encryption - `2`: File-level encryption - `3`: Both block-level and file-level encryption
This value is available in iOS 4 and later, and tvOS 6 and later.

For a device to have data protection, `HardwareEncryptionCaps` must be `3` and `PasscodePresent` must be `true`.