One of such controls which leads to an improved resiliency of an organization against ransomware is a security feature introduced in Fall Creators Update (2017). This feature is called “Controlled folder access” and comes as part of Windows Defender Exploit Guard. This feature is available for both Windows 10 and Windows Server 2019.
Controlled Folder access monitors all processes attempting to change data in defined folders: if a process tries to modify files in these protected folders without being authorized to do so, the operation is blocked and an alert is generated. This stops ransomware and prevents malicious programs from making changes, protecting the data and files.
When implementing Controlled folder access, the user or the system administrator may add the necessary applications to a whitelist of applications that are then allowed to access and change the protected folders.
Download Case Study Learn How to Defend Your Data Against Ransomware
Watch How RYUK Ransomware Takes Control Over Computer Files in a Matter of Seconds: