Do you know that the latest version of Windows i.e. Windows 10 automatically secures files and folders from ransomware attacks? No!! In this blog we will introduce “controlled folder access” feature of Windows 10, designed majorly for blocking ransomware and protecting your data from being compromised. This feature also secures files and folders from undesirable modifications caused due to malicious programs. Here, we will guide you how to enable ‘Controlled folder access’ on Windows 10.
This feature is a part of Windows Defender Exploit Guard encompassed in Fall Creators Update. When this opt-in character is enabled, it tracks the apps in the form of scripts, executable files and DLLs and tries to bring some modifications in files located in the secured files. In case, you have installed malicious apps that are unrecognizable to Windows 10, this feature will block the app instantaneously and will send you a notification about dubious activities.
Let’s learn about three different approaches that helps enable controlled folder access in Windows 10.
How to Enable Controlled Folder Access Using PowerShell
Method 1
By using PowerShell, you can enable and configure this new feature. All you have to do is go to start and type “Windows PowerShell”. The, right-click on the result and click Run as administrator.
To enable the feature type the following command and press Enter. You will get the following result.
Set-MpPreference -EnableControlledFolderAccess Enabled
Method 2
It is possible that Controlled folder access can block those apps that you are using for long time and is trustworthy. To bring that app into whitelist, you can use PowerShell in following way.
Go to Start and search for Windows PowerShell, then right-click on the result and click Run as administrator.
Type the command mentioned below and press Enter.
Add-MpPreference -ControlledFolderAccessAllowedApplications “D:\path\to\app\app.exe”
Method 3
There are certain files that are not located in the default protected folders and demands fortification. Here, you can use PowerShell command and add a new location for those files.
Open start and look out for Windows PowerShell, then right-click on the result and tap Run as administrator. Then add the command mentioned below and press enter.
Add-MpPreference -ControlledFolderAccessProtectedFolders “D:\folder\path\to\add”
How to Enable Controlled Folder Access via Security Center
Method 1
The simplest technique to configure and enable Controlled folder access is by using Windows Defender Security Center dashboard. Just launch Windows Defender Security Center and tap on “Virus & threat protection” option.
Reach to its settings option and set in motion the toggle switch.
Windows Defender Antivirus can now secure your files and folders from illegal access via nasty programs.
Method 2
By adding new location, you can protect your pictures, documents, videos and favorite folders. However, you cannot modify the default list of secured files and folders but if you have stored your files in any other location then you can shield them by adding manually a new folder or drive path.
Begin with launching Windows Defender Security Center and then tap on Virus & threat protection. From there, reach to its settings option and tap the Protected folders link.
Finally, click “Add a protected folder” option. You can also move to new location if you plan to add and tap the Select folder button.
Method 3
If you want to allow specific apps that you consider is safe and trustworthy but Windows 10 eventually blocks it, then you must manually allow the app. Go to Windows Defender Security Center and tap on Virus & threat protection. Visit the settings option and under “Controlled folder access,” tap “Allow an app” via Controlled folder access link.
Finally, click the button “Add an allowed app”.
Also Read : 10 Best Anti-Malware Software for Windows
Empower Controlled Folder Access by Means of Group Policy
Method 1
You can also use local group Policy editor to enable Controlled Folder Access. Let me show how. To open the run command, use Windows key + R keyboard shortcut and after typing gpedit.msc and open the Local Group Policy Editor by clicking Ok.
Surf the succeeding path:
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access
Double-click “Configure Controlled folder access policy” on the right side and choose “Enabled” button. In “Option” section, choose Block option by using drop-down menu and finally apply.
Now your folders and files can be easily guarded that are stockpiled in the default section. However, the only problem that exists with this step is that other arrangement will demand changes using Group Policy.
Method 2
Unprotected files that are located in different folder can be shielded via “Configure protected folders” policy, which adds new location. To open the Run Command, use a keyboard shortcut “Windows key + R” and enter gpedit.msc in order to browse Local Group Policy Editor.
Now, browse the given path:
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access
Now, double-click Configure protected folders policy at the right side and choose Enabled button.
In “Options” section, you will find a Show button, click on it and define the locations that you plan to shield by inserting the folder’s route in the “Value name” field. Next, add 0 in the “Value” field. Repeat this action to add other locations.
Method 3
When applying Group Policy to enable Controlled folder access, use the “Configure allowed applications” policy for whitelisting the apps that you are confident about and avoid getting blocked.
To open the run command, use Windows key + R keyboard shortcut. To open the Local Group Policy Editor, type Type gpedit.msc
Browse the given route:
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access
Now, double-click Configure allowed applications policy on the right side and choose the Enabled option. In “Options,” you will find Show button, click on it.
Outline the app’s location .exe file that you intend to permit in the “Value name” field. Then add 0 in the “Value” field.
Repeat this step to add more locations.
Must Read : Top 10 Antivirus For Windows
If you own Windows 10 and plans to secure files and folders from ransomware attack, the new updates of Windows 10 can come handy. Do you know any tips and tricks, which are not mentioned in this list? Do let us know in the comments section below!