Methods to Enable Controlled Folder Access on Windows 10/11
Summary: Did you know Windows 10 and 11 come baked-in with a controlled folder access feature – a mechanism to protect critical folders and files from ransomware? Let’s find out more about it and ways to enable it to use to your advantage.
Ransomware and malware have become quite advanced in the recent years. They exploit user files and data by holding them hostage. To tackle this issue, Microsoft devised an ingenious way to protect user data from such malicious attacks. The controlled folder access feature was developed to protect user files and data from ransomware and other kinds of malware.
Let’s dive further to learn more about controlled folder access and the ways to enable it on windows 10/11.
What is Controlled Folder Access and How it Works?
Controlled Folder Access is an anti-intrusion feature developed by Microsoft to safeguard user data and the computer on which the data is stored. Enabling this feature prevents malware and ransomware to hold the data hostage and exploit it for fulfilling malicious intents.
It comes added in the list of features of Windows Defender, now known as Windows Security on Windows 10/11 devices. It helps in stopping malware from exploiting your data and protects unwanted file changes from malicious apps. Though it is a feature that works once it is enabled, by default, it already protects certain system folders like c:\users\<username>\documents, etc.
Once configured and enabled, controlled folder access works by only allowing trusted apps to access protected folders. It tracks apps and their activities, and blocks any attempts from the apps that are not on its trusted application list. The feature is supported on Windows server 2019, 2022, 10, and 11.
Note - Users can also try the Audit mode, which is like a testing ground to see what will happen if controlled folder access is enabled on the computer. Users can test it according to their requirements to understand how this will protect against suspected apps and ransomware.
How to Enable Controlled Folder Access?
Now that we know what controlled folder access is, let’s look at the methods to enable and use controlled folder access, which is a part of the Exploit Guard feature in Windows Defender.
Method 1: Enable Controlled Folder Access Using Windows Security App
- Open Windows Settings app by pressing Windows + I.
- Click on Update & Security.
- Click on Windows Security in the left pane.
- Click on Virus & threat protection under Protection areas.
- Navigate to the Ransomware protection section and click on Manage ransomware protection under it.
- Enable controlled folder access by toggling the switch under it to ON state.
Note – This method is not available on Windows Server 2012R2 and 2016.
Method 2: Enable Using Microsoft Intune
Microsoft Intune is a cloud-based endpoint management solution, which simplifies user access and device management across many devices like mobile devices, desktop computers, and virtual endpoints. Controlled folder access feature is used in this software to protect data and minimize data leakage. Let’s see how to enable controlled folder access using Microsoft Intune –
- Sign in to the Microsoft Intune administrator center.
- Open Endpoint Security.
- Go to Attack Surface Reduction and then Policy.
- Select Platform and choose Windows 10 and later.
- Select the profile Attack Surface Reduction rules and click Create.
- Name the policy, add its description, and then click on Next.
- Scroll down, click on the Enable Folder Protection drop-down and choose Enable.
- Select List of additional folders that need to be protected and add folders to it.
- Select List of apps that have access to protected folders and apps to it.
- Select Exclude files and paths from attack surface reduction rules and files and paths to it.
- Select the profile Assignments, assign to All Users & All Devices and click on Save.
- Click Next and then Create.
Method 3: Using Microsoft Configuration Manager
Microsoft Configuration Manager is an integrated IT solution developed as a part of Microsoft Intune, which helps with effective system and device management. You can learn how to install it.
Once it is installed, follow the steps listed below –
- Launch Microsoft Configuration Manager.
- Go to Asset and Compliance, then Endpoint Protection and then Windows Defender Exploit Guard.
- Select Home and click on Create Exploit Guard Policy.
- Give it a name and enter its description.
- Select Controlled folder access and click on Next.
- Choose different settings like block or audit changes, add allowed apps and folders. Click on Next once done.
- Review the settings and click Next to create the policy.
- Close the wizard once the policy has been created.
Method 4: Using Group Policy
Group policy editor is an administrative tool in Windows 10/11 which is used for configuring important system policies. You can use group policy to enable controlled folder access on your windows 10/11 computer. Follow the steps below to do so –
- Press WIN + R and type gpedit.msc and hit Enter. This will open the Local Group Policy Editor window.
Tip - You can also open it by searching for edit group policy in the search bar present near Cortana button.
- In the left pane, expand Computer configuration > Administrative Templates.
- Expand Windows Components and then Microsoft Defender Antivirus.
- Double-click on Microsoft Defender Exploit Guard in the right pane.
- Double-click on the Controlled Folder Access in the Right Pane.
- Double-click on the Configure Controlled folder access setting.
- Click on Enable.
- Under the Options section, click on the drop-down menu and select the folder guard configuration.
- Once everything is done, click on Apply and OK.
Method 5: Use Windows PowerShell
- Press WIN + R to open RUN.
- Type PowerShell and press CTRL + SHIFT + ENTER to open it with administrator privileges.
- Type the following command in the terminal -
Set-MpPreference -EnableControlledFolderAccess Enabled
- Press Enter to execute it.
Note – You can type the same command and replace Enabled with Disabled to disable controlled folder access. You can also use AuditMode instead of Enabled to test controlled folder access feature.
What to Do If You have Lost Your Data Due to a Cyberattack?
Malware, ransomware and viruses are destructive lines of code that target the user data and try to edit them or hold them hostage. This can cause data corruption and even data loss in many cases.
Using Windows Defender or a third-party antivirus software can help you safeguard your files from basic malware attacks. But there are certain advanced viruses that get past these filters and attack system files. These attacks cause data corruption and loss.
If your data is lost or missing from your computer due to a malware, then you can use a data recovery software to recover your lost data. In such a case a powerful data recovery software like Stellar Data Recovery can help you do this.
This software can easily recover lost or missing data from malware infected drives and computers. It can also recover any type of data from crashed computer drives, crashed partitions, and from other data loss scenarios like accidental deletion, corruption, etc. Stellar Data Recovery is powered by its advanced data recovery mechanism, which makes it capable of handling numerous data loss scenarios like data corruption, accidental deletion, malware infection, and more.
Final Verdict
We understand how important the data stored on our computers is. From photos to videos to important documents, we use our Windows computers to store it all. While surfing the internet or connecting from an untrusted network, we should be cautious as they could possibly infect our computer with malware and ransomware. We should also avoid downloading or installing any apps and files from untrusted or flagged websites.
To fend of attacks from such malicious programs, Windows 10/11 offers a great tool called Controlled Folder Access, which helps in protecting the data from such external attacks. In this post, we discussed about the controlled folder access feature in Windows 10/11 and various methods to enable it. Which method did you find the easiest to employ? Do let us know in the comments.
FAQs
Q. What does the controlled folder access feature do?
A. Controlled folder access feature protects the selected folders and their contents from ransomware attacks.
Q. How do I enable ransomware protection in Windows 10/11?
A. Open Windows Security App > Virus & Threat Protection > Ransomware protection > Manage ransomware protection > Toggle the switch to ON state.
Q. Is controlled folder access enabled by default in Windows 10/11?
A. No, controlled folder access is not enabled by default on Windows 10/11. You have to enable it manually.
What should I do if I need to allow a specific app or program to make changes to a protected folder?
You can add the app or program to the list of allowed apps in the Controlled Folder Access settings in the Windows Security app. Alternatively, you can temporarily turn off Controlled Folder Access while you make the necessary changes and then turn it back on afterwards.
Does enabling Controlled Folder Access affect system performance?
Enabling Controlled Folder Access may cause a slight decrease in system performance, as it requires additional processing power to monitor and restrict access to protected folders. However, the impact should be minimal and should not noticeably affect normal computer use.
Can I customize the folders that are protected by Controlled Folder Access?
Yes, you can customize the folders that are protected by Controlled Folder Access by adding or removing folders from the list of protected folders in the Windows Security app.