Although certain iOS devices have had hardware encryption built in for some time, not all of them have, and the encryption keys have only been optionally protected. Developers have also had the option to use the built-in data protection API, but not all of them did. Now all third-party apps from the App Store will have their data automatically protected using strong encryption based on the user’s passcode until they first unlock their device after a reboot. Developers will also have the option to have application data re-encrypted when the phone is locked. Most MDMs will still offer better protection that is not based on the user’s passcode, however.