Note: You should update any bookmarks to point to https://kb.filewave.com We will be working on links from FW Central/Anywhere that still come to this Atlassian site over the next couple of releases and then phasing out this site entirely in Jan 2024.

Hardware Encryption Capabilities for Apple Hardware

Owned by Joshua Levitsky
Last updated: Sep 29, 2021 by Anthony Keller (Unlicensed)

What

From a security perspective, it is important to understand the encryption capabilities of devices. 

When/Why

In FileWave 14.6.0 some reporting was added to report on HardWareEncryptionCaps ( https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo?changes=latest_minor ) as reported through Apple's MDM framework. 

How

  • Hardware Encryption Capabilities has been added as a field for iOS 4+ and tvOS 6+ devices to report the supported encryption.
  • Passcode Present had its description updated to explain how it ties to Hardware Encryption Capabilities and also is for iOS 4+ and tvOS 6+.
  • Is Recovery Lock Enabled was added for macOS devices to reflect if Recovery Lock is enabled on Apple Silicon running macOS 11.5+.


Related Content

5. Inventory Reporting


Digging Deeper

HardwareEncryptionCaps is an integer that indicates the underlying hardware encryption capabilities of the device, which is one of the following values:

  • 1: Block-level encryption

  • 2: File-level encryption

  • 3: Both block-level and file-level encryption

This value is available in iOS 4 and later, and tvOS 6 and later.

Important

For a device to have data protection, HardwareEncryptionCaps must be 3 and PasscodePresent must true.

Note: You should update any bookmarks to point to https://kb.filewave.com We will be working on links from FW Central/Anywhere that still come to this Atlassian site over the next couple of releases and then phasing out this site entirely in Jan 2024.