Windows has a built-in ransomware protection feature known as Controlled Folder Access. This feature is available in Windows 10 and Windows 11. This feature can be manually turned on on your PC.
How does controlled folder access work?
Controlled folder access works by restricting access to designated folders on your system, allowing only authorized applications to change the files within those folders. When enabled, it creates a list of trusted applications permitted to access the protected folders. Any attempt by an unauthorized application to modify or encrypt files within these folders will be blocked, helping to prevent ransomware attacks.
Here's how controlled folder access generally operates:
- Enabling controlled folder access: Once controlled folder access is activated, it monitors specified folders for any suspicious activity.
- Defining protected folders: Users can designate which folders they want to protect. Important directories containing documents, photos, and other sensitive files are typically selected for protection.
- Trusted applications: Controlled folder access maintains a list of trusted applications allowed to access the protected folders. These are usually system processes and applications considered safe by default.
- Blocking unauthorized access: If an application not on the trusted list attempts to access or modify files within the protected folders, controlled folder access will block the action and generate a notification alerting the user of the attempted breach.
- User control: Users have the flexibility to manage the list of trusted applications, adding or removing programs as needed. They can also review logs and notifications to monitor any attempted unauthorized access.
See also:
How to turn on controlled folder access
Open Windows Security
Open the Windows Security app on your PC. You can access it in one of several ways:
- Press Alt + Spacebar on your keyboard, type in Windows security, then hit Enter
- Open your Start Menu and type in Windows security, then press Enter
- Open your Settings app, then choose Windows Security in the left pane
Find the ransomware settings
- Click on "Virus & Threat Protection" in the Windows Security application. Then, from the bottom of the screen, select Manage Ransomware Protection.
- Next, turn on controlled folder access. The default OneDrive, Documents, Pictures, Videos, Music, and Favorites folders on your PC are no longer accessible to apps thanks to this change. Other folders can be manually added to the list as well.
- Not all Windows apps will be blocked; Microsoft Office applications can open and modify files by default. If the app is not part of Microsoft’s list of trusted apps, the ransomware protection program will not be able to access it until it is granted permission to do so.
Log onto OneDrive
- Another important method of defense is to have good backups, and Windows takes care of this for you if you're connected to OneDrive.
- To confirm that this protection is on, you can look at Ransomware protection > Ransomware data recovery.
Read more: Windows includes built-in ransomware protection. Here’s how to turn it on
FAQs
Does controlled folder access protect against all types of malware?
Controlled folder access is primarily designed to protect against ransomware attacks that attempt to encrypt files for ransom. While it can provide some protection against other types of malware, such as viruses and trojans, it's not a comprehensive solution for all types of malware threats.
See also: Why antivirus software isn’t enough
Does a Windows reset remove ransomware?
While a Windows reset can help remove some instances of ransomware, it's not a foolproof method, and prevention measures should be prioritized to avoid ransomware infections in the first place.