A crucial security feature in Windows Defender comes disabled by default: Ransomware Protection. That’s surprising, since ransomware is a serious threat that locks down your device and blocks you from accessing your data until you pay your attacker. It’s even more surprising when you consider that Ransomware Protection was added way back in the October 2017 Windows 10 update.
The best possible explanation to why Ransomware Protection is disabled by default, as pointed out by gHacks, is that the feature may be prone to false positives. That’s a valid concern, but we sympathize with those who are eager to protect their data given how debilitating ransomware attacks can be.
We’ve covered general ransomware prevention tips before, but Windows 10’s built-in options add an extra layer of protection to your PC. Luckily, not only does Windows Defender include Ransomware Protection, users are able to extend—or limit—its coverage to suit their needs. Here’s how:
Now that you’ve set up Controlled Folder Access, Windows Defender will monitor which programs are accessing the protected folders and the files stored within them. It’ll then block blocks suspicious programs from trying to gain access. While this gives you some peace of mind, the problem is that some “suspicious” programs are not actually malicious. To avoid false positives, you can add a program to the Controlled Folder Access’ whitelist.
Even with fine-tuned ransomware protection from Windows Defender, you should also make sure you’re regularly backing up your files (so you don’t get locked out of anything important, if ransomware strikes). You can use an external hard drive, for example, or you can set up data recovery via OneDrive, which can be enabled in the Controlled Folder Access settings—on the same “Ransomware Protection” screen we’ve previously talked about. You’ll need to set up OneDrive if you haven’t already, and you only get 5GB of free space, but you’ll be able to recover your critical data in the event of a ransomware attack.