- Encryption is managed by FileVault.
- FileVault is automatically enabled during MDM installation.
- Encryption becomes effective after the next restart.
- The recovery key is escrowed a few hours later.
- Encryption is managed by BitLocker.
- It is automatically enabled after MDM installation.
- No restart is required.
- The key is stored as soon as encryption is activated.
Primo does not support automatic encryption for Linux devices. Enabling full-disk encryption on Linux typically requires a full disk reset and OS reinstallation, which must be done manually before enrolling the device. However, depending on distribution, Recovery Keys are automatically escrowed.
