Hardware Encryption Capabilities for Apple Hardware

What

From a security perspective, it is important to understand the encryption capabilities of devices.

When/Why

In FileWave 14.6.0 some reporting was added to report on HardWareEncryptionCaps ( https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo?changes=latest_minor ) as reported through Apple's MDM framework.

How

Hardware Encryption Capabilities has been added as a field for iOS 4+ and tvOS 6+ devices to report the supported encryption.
Passcode Present had its description updated to explain how it ties to Hardware Encryption Capabilities and also is for iOS 4+ and tvOS 6+.
Is Recovery Lock Enabled was added for macOS devices to reflect if Recovery Lock is enabled on Apple Silicon running macOS 11.5+.

Digging Deeper

HardwareEncryptionCaps is an integer that indicates the underlying hardware encryption capabilities of the device, which is one of the following values:

1: Block-level encryption

2: File-level encryption

3: Both block-level and file-level encryption

This value is available in iOS 4 and later, and tvOS 6 and later.

For a device to have data protection, HardwareEncryptionCaps must be 3 and PasscodePresent must true.