With the release of the new Windows 10 Creators Fall Update last week, users of the operating system got a new mode which aims to stop prohibiting ransomware from encrypting your computer's most important files.
It's called controlled folder access and it's part of Windows Defender Exploit Guard, a new feature protections that adopts the steps of Microsoft's Enhanced Mitigation Experience Toolkit (EMET).
How does managed folder access work?
Control folder access locks folders, allowing only authorized whitelisted applications to access and modify the files contained in them.
By default, it protects the folders where important data such as documents, images, movies, and desktop is stored.
These folders can not be removed from the list of protected folders, but other folders can be added, even if they are on other disks, shared network files and mapped drives.
"You can also allow trusted applications to access protected folders, so if you use unique or custom programs, your productivity will not be affected." says Microsoft.
If instead, an unauthorized application tries to make a change to the files in those folders, the new feature will stop it and the user he will receive a notification about what happened to his computer.
Enable Controlled Folder Access in Windows 10
The easiest way for home users is to activate through the Windows Defender Security Center, from the "Virus and Threat Protection" menu.
With a click on "Antivirus and Threat Protection Settings" switch to the "On" switch. Immediately after you can add new folders to the list of protected folders and applications that can be accessed. 
“In enterprise environments, controlled folder access can also be enabled and managed using Group Policy, PowerShell, or configuration for management mobile devices,” according to Microsoft.
"Controlled folder access is seamlessly integrated with Windows Defender Advanced Threat Protection. Whenever controlled folder access blocks an attempt to make changes to protected folders, a notification appears in Windows Defender ATP. This warns the company's staff to take immediate action. "
Endpoint alerts can be customized so that administrators can include instructions for end users about what should happen next.
Note: to use controlled folder access, real-time protection should be enabled in Windows Defender Antivirus.
Windows 10 CFA Works?
It sounds great but we have not tried it. According others though the new feature seems to work flawlessly…. At the moment, with ransomware circulating to date.
