Microsoft has released a new feature called “Controlled Folder Access” that helps Windows users protect their data against ransomware.
First announced in June 2017, Controlled Folder Access is an option in Windows Defender Security Center that went live in mid-October. Its purpose is to protect files contained in designated folders against unauthorized changes. Users can therefore activate Controlled Folder Access in order to prevent ransomware from encrypting their files and changing those documents’ file names.
Microsoft explains the feature as follows:
“Controlled folder access monitors the changes that apps make to files in certain protected folders. If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt. You can complement the protected folders with additional locations, and add the apps that you want to allow access to those folders.”
To enable Controlled Folder Access, Windows users should select Start > Settings (the gear symbol). They should then choose Update & security > Windows Defender. At that point, they should open the security center of Microsoft’s native malware protection program, view their “Virus & threat protection” settings, and turn on “Controlled folder access.”
Once they’ve activated the feature, users can click the “Protected folders” sub-option and add any folders to which they’d like to restrict access. They should then follow up by selecting “Allow an app through Controlled folder access.” This course of action lets users whitelist certain applications that they know regularly use their protected folders.
In the event an unapproved application like crypto-malware attempts to make changes to one of the protected folders, Windows displays an alert message in the Windows Notifications sidebar. It also logs the activity in its events log.
This is a Security Bloggers Network syndicated blog post authored by David Bisson. Read the original post at: The State of Security