How to Enable Windows 10 Ransomware Protection to Protect Folders

Ransomware is growing rapidly and infecting many systems. What makes ransomware dangerous is that it can encrypt all your files and hold them hostage until you pay the demanded ransom. To protect your data, follow the below steps to enable Windows 10 ransomware protection.

Starting from Windows 10 v1709, you can enable a new feature called Controlled Folder Access to protect folders from ransomware in Windows 10. Since most of our computers contain sensitive information like personal photos, documents, etc., you should consider enabling the ransomware protection in Windows 10. That way, your data is safe and sound.

Jump to:

What is Controlled Folder Access

Controlled Folder Access is a newly integrated feature in Windows Defender. As the name suggests, it is designed to protect the system and user added folders from ransomware. When enabled, Controlled Folder Access will block applications from accessing the protected folders until Windows Defender deems it safe.

Of course, there will be times when Windows Defender might block a legitimate application from accessing the protected folder.

In those cases, you can instruct Windows Defender to allow the application by adding it to the allowed apps list.

Since no program can access the protected folder without going through Windows Defender, the data in those folders are safe from ransomware and any other malicious threats like viruses, malware, etc.

Enable Windows 10 Ransomware Protection

1. First off, search for “Windows Security” in the start menu and open it.

Windows 10 ransomware protection - open windows security

2. Now, select “Virus and Threat Protection” on the left panel. On the right panel, click on the “Manage Ransomware Protection” link under the Ransomware Protection section.

Windows 10 ransomware protection - open ransomware protection

3. Toggle the switch under Controlled Folder Access to “On” position. This action will turn on ransomware protection.

Windows 10 ransomware protection - enable controlled folder access

As soon as you toggle the switch, ransomware protection is enabled in Windows 10.

Protect Folders Against Ransomware

1. By default, Windows protects the default user folders like documents, pictures, etc. To protect a custom folder from ransomware, you have to manually add the folder controlled folder access. To do that, click on the “Protected Folders” link.

Windows 10 ransomware protection - select protected folders

2. To add a folder, click on the “Add a protected folder” button.

Windows 10 ransomware protection - click add protected folder

3. Navigate to where your folder is located, select it and click on the “Select Folder” button.

Windows 10 ransomware protection - select folder

4. That’s it. You’ve successfully added a folder to the Ransomware Protection.

Windows 10 ransomware protection - folder added

Following the same procedure, you can add as many folders as you want in the ransomware protection list.

From this point forward, applications cannot access the protected folders until Windows Defender deems it safe or you manually allow. Every time an app is blocked from accessing a protected folder, Windows will display a notification letting you know the same.

If you ever want to, you can remove the folder from protected access by selecting it and clicking on the “Remove” button.

Windows 10 ransomware protection - remove folder from protected list

Controlled Folder Access – Allow Applications

Like I said before, once you add a folder to controlled folder access, Windows Defender will block apps from accessing those protected folders. However, you can manually add a program to the allowed list. This action allows the program to access all the protected folders on your system. For example, I protect my work folder with Controlled Folder Access. However, I need programs like Snagit, Typora, OneDrive to be able to access that folder.

1. Go back to the Ransomware Protection screen and click on the “Allow an app through Controlled Folder Access” link.

Windows 10 ransomware protection - select allowed apps link

2. Here, click on the “Add an allowed app” button.

Windows 10 ransomware protection - click add allowed app

3. You will see two options. If the application you are trying to add has just been blocked then select the “Recently blocked apps” option.

Windows 10 ransomware protection - select recent apps

4. Now, click on the “+” button next to the application.

Windows 10 ransomware protection - select app from recent list

5. It will be added to the allowed apps list.

Windows 10 ransomware protection - app added from recent list

7. If the app is not in the recent apps list, you can add it manually by browsing for it. To do that, click on the “Add an allow app” button and then click on the “Browse all apps” button.

Windows 10 ransomware protection - select browse all apps

8. Browse for application’s exe file, select it and click on the “Open” button.

Windows 10 ransomware protection - select app from window

9. The target application will be instantly added to the allowed apps list.

Windows 10 ransomware protection - app added to allowed list

Once the app has been added, it can access the protected folders without any restrictions.

You can add as many apps you want to the allowed apps list. Unless it is absolutely necessary, don’t give apps access to the protected folders. Also, keep in mind is that an app in the allowed list can access all the protected folders in Controlled Folder Access.

Wrapping Up

That is all there is to do. It is that simple to enable and configure ransomware protection in Windows 10.

Image credit: Christiaan Colen – Cryptolocker Ransomware

Leave a Comment

Scroll to Top