Method 1 of 2
Turn on Controlled Folder Access in Windows 10
Step 1: Open the Settings app. Navigate to Update & security > Windows Security (Windows Defender).
Step 2: Click Open Windows Defender Security Center button.
Step 3: Click Virus & threat protection. Now click Virus & threat protection settings link.
Step 4: In the Controlled Folder Access section, click Manage Controlled folder access link.
Step 5: Move the Controlled folder access switch to the “On” position to turn on the ransomware protection. Click Yes button if you get the User Account Control prompt.
Step 6: Now, click Protected folders link, click Add a protected folder option and then add a folder that you want to protect from ransomware. If you want to protect multiple folders, please add them one-by-one.
Note that many of the library folders such as the desktop, documents, pictures, and videos are protected by default. It’s important to note that you can add additional folders to the default list but cannot remove folders from the default list.
Step 7: Most of the common apps will be allowed to access files in Controlled Folder Access, but if you want to allow an unknown program to access these folders, you can add it here.
Finally, click Allow an app through Controlled folder access link to add apps that you want to allow to make changes to files in these protected folders.
That’s it! You have now set up the built-in ransomware protection in Windows 10.
Method 2 of 2
Enable and configure Controlled Access via PowerShell
In addition to Windows Defender Security Center, one can also use the PowerShell to enable the Controlled Access and add folders to it.
Step 1: Open PowerShell as administrator. At the PowerShell window, type the following command and then press Enter key to turn on Controlled Folder Access.
Set-MpPreference -EnableControlledFolderAccess Enabled
Step 2: Lastly, to add folders to the default list, use the following cmdlet.
Add-MpPreference -ControlledFolderAccessProtectedFolders “<the folder to be protected>”