Apple® devices have encryption features to safeguard user data
and enable remote wipe in the case of device theft or loss.
The secure boot chain, system security, and app security capabilities all help to ensure that only trusted code and apps run on a device. Apple devices have additional encryption features to safeguard user data, even when other parts of the security infrastructure have been compromised–for example, if a device is lost or is running untrusted code.
All of these features benefit both users and IT administrators, protecting personal and corporate information at all times and providing methods for instant and complete remote wipe in the case of device theft or loss.
iOS® and iPadOS® devices use a file encryption methodology called Data Protection, while the data on Mac® computers is protected with a volume encryption technology called FileVault. Both models similarly root their key management hierarchies in the dedicated silicon of the Secure Enclave on devices that include a SEP.
Both models also leverage a dedicated AES engine to support line-speed encryption and to ensure that long-lived encryption keys never need to be provided to the kernel OS or CPU, where they might be compromised.
Apple, the Apple logo, Mac and iPadOS are trademarks of Apple Inc., registered in the U.S. and other countries. IOS is a trademark or registered trademark of Cisco in the U.S. and other countries and is used under license.