Microsoft Intune adds support for FileVault disk encryption on macOS

by Vlad Turiceanu
Vlad Turiceanu
Vlad Turiceanu
Passionate about technology, Windows, and everything that has a power button, he spent most of his time developing new skills and learning more about the tech world. Coming... read more
Affiliate Disclosure
Microsoft Intune adds support for FileVault disk encryption on macOS

Microsoft Intune announced support for FileVault on macOS devices.

Intune will limit access on macOS startup disks

FileVault full-disk encryption, known as FileVault 2, is a software solution that prevents unauthorised access to the info on macOS startup disks.

With the freshly announced support, Intune administrators will make sure that no one will have access to startup disks on macOS without a password.

Also, Intune admins will be able to recover personal keys for users on corporate devices directly from the Intune console, as stated by Microsoft officials in a blog post:

The end user may use the Microsoft Intune Company Portal website on any device to access their personal recovery key. Once they login to the web Company Portal, they can select their FileVault enabled macOS device from the device thumbnails, and click on Get recovery key. If the macOS device isn’t encrypted or it was encrypted prior to enrollment, they will not see a personal recovery key.

Microsoft Intune administrators will have more options

Here are the official release features:

  • Personal recovery key rotation to help protect against unauthorized access using compromised keys. Intune administrators can rotate the personal recovery keys for company-managed encrypted Macs, and they may also configure how often to rotate the personal key.
  • Personal key escrow, providing a secure location for both end users and administrators to access the personal recovery key for company-managed encrypted Macs.


microsoft intune support for filevault on macos

This new development is part of a bigger process that simplifies macOS management with the help of Microsoft Intune.

Intune administrators will be able to secure Apple FileVault encryption, mobile device encryption, and Windows BitLocker from a single place.

This article covers:Topics: