Microsoft explains how its next-gen security can protect files from being encrypted by ransomware extortionists.
It works by only allowing whitelisted apps to access files in the Controlled folder list. Users can add new folders to the protected zone and adjust which apps are authorized to access files in it.
Microsoft has been testing the feature with Windows Insiders since July but now it’s making its way to the general public.
Consumers can enable the feature through the Windows Defender Security Center app by clicking the shield icon and toggling on Controlled folder access. It automatically protects Windows system folders and default locations such as Documents, Pictures, Movies, and Desktop.
Users can also add other folders and other drives by clicking the shield icon in the Windows Defender Security Center and clicking through to the Virus and threat protection settings.
The feature also issues alerts when an unapproved app attempts to access or modify files.
Controlled folder access may be trickier for enterprises to deploy as it’s a new technology and could block legitimate apps from working.
To assist enterprises, Microsoft suggests admins run Controlled folder access in audit modeto test its impact.
Admins can enable Controlled folder access via the Windows Defender Security Center, Group Policy, PowerShell, or via a mobile device management configuration service provider. They can also manage which folders are protected and which apps are whitelisted through these tools.
Microsoft automatically allows a set of apps it considers trustworthy to access files protected by Controlled folder access. Admins can use Windows Defender Security Center app or Group Policy to add and remove apps that can access these files.
In the enterprise, Controlled folder access is one of four components of the Fall Creators Update’s Windows Defender Exploit Guard, along with Attack Surface Reduction (ASR), Network protection, and the EMET-based Exploit Protection.
ASR requires enabling Windows Defender antivirus and can prevent common techniques used in malware, by blocking hidden macro code and stopping Office apps from creating executable content.
Source:https://www.zdnet.com/article/windows-10-security-heres-how-to-shield-your-files-from-ransomware-says-microsoft/
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.
