Hardware Encryption Capabilities for Apple Hardware

What

~~From~~Apple devices can report hardware encryption details through MDM. These values help confirm whether a ~~security~~device ~~perspective,~~supports itblock-level isencryption, ~~important~~file-level toencryption, ~~understand~~or ~~the encryption capabilities of devices.~~ both.

When/Why

In FileWave ~~14.6.0 some reporting was added to~~can report onApple's ~~HardWareEncryptionCaps~~HardwareEncryptionCaps (value as part of the MDM security information returned by supported devices. Apple documents this value in the SecurityInfo response: https://developer.apple.com/documentation/devicemanagement/securityinforesponse/~~securityinfo?changes=latest_minor~~securityinfo ~~) as reported through Apple's MDM framework.~~ .

How

Hardware Encryption Capabilities hasreports beensupported added as a fieldencryption for iOS 4+ and tvOS 6+ devices to report the supported encryption.devices.
Passcode Present hadhelps itsdetermine descriptionwhether updateddata to explain how it ties to Hardware Encryption Capabilities and alsoprotection is foractive on iOS 4+ and tvOS 6+. devices when read together with Hardware Encryption Capabilities.
Is Recovery Lock Enabled wasreports added for macOS devices to reflect ifwhether Recovery Lock is enabled on Apple Siliconsilicon Macs running macOS 11.5+.

Digging Deeper

HardwareEncryptionCaps is an integer that indicates the underlying hardware encryption capabilities of the device, which is one of the following values:

1: Block-level encryption
2: File-level encryption
3: Both block-level and file-level encryption

This value is available in iOS 4 and later, and tvOS 6 and later.

For a device to have data protection, HardwareEncryptionCaps must be 3 and PasscodePresent must be true.