Windows comes with built-in ransomware protection. Here’s how to turn it on

Make sure to also enable automatic backups.


Ransomware is nasty stuff. This type of malware encrypts files on your PC, rendering them inaccessible until you pay the attacker to unlock the data. In other words, unless you can fend off ransomware attacks by other means, your files will be held hostage until you fork over the demanded ransom.

CBS News just issued a warning about the Scattered Spider ransomware gang, underscoring how much damage ransomware can cause, so being prepared is worth it. Hackers shut down a Las Vegas casino, resulting in millions of dollars in losses. Your personal computer may not be a target, but why tempt fate?

The best way to guard against ransomware is to avoid visiting ransomware-infested websites and downloads, but you can also take other protective measures. Modern antivirus software often limits which applications can modify files in folders typically targeted by ransomware. Microsoft Defender, built into Windows, can do this too. (Microsoft renamed Windows Defender a few years ago, but it’s the same program.) Some antivirus suites also run automatic backups in case you need to restore files.

The catch? Unlike third-party antivirus software, Microsoft Defender doesn’t enable these extra protections by default. You have to enable them yourself.

How to Open Ransomware Protection in Windows

Step 1: Open Windows Security

Open the Windows Security application on your computer. You can access it in one of the following ways:

  • Press Alt + Spacebar on your keyboard, type “windows security,” and then press Enter.
  • Open the “Start” menu and type “windows security,” then press Enter.
  • Open the “Settings” app, then select “Windows Security” from the left pane.

Step 2: Find Your Ransomware Settings


In the Windows Security application, click on “Virus & threat protection.” Then click on “Manage ransomware protection” at the bottom of the screen.

Next, open “Controlled folder access.” This setting restricts access to default folders such as OneDrive, Documents, Pictures, Videos, Music, and Favorites. You can also manually add other folders to the list.

Not all applications are prevented from accessing these areas in Windows – Microsoft Office programs are automatically allowed to open and modify files. However, if it’s not on Microsoft’s internal list of trusted applications, the program won’t be able to see anything in these folders unless explicit permissions are granted in Windows Security.

Step 3: Ensure You’re Signed in to OneDrive

Restricting access to files and folders doesn’t fully protect them. Another important defense method is having good backups, and Windows automatically does this if you’re signed in to OneDrive. (You can either link your Microsoft account to your entire Windows PC or just to the OneDrive app.)

To confirm this protection is enabled, you can check under Ransomware protection > Ransomware data recovery.


Of course, for the most secure file backups to avoid the worst impact of ransomware, offline backups are recommended. In addition to anything stored in the cloud, you should also make a physical backup — after all, if you only have one copy of your data, you haven’t really backed it up properly.

Should you enable ransomware protection in Windows?

Security and convenience often sit at opposite ends of the spectrum, and this is no exception here. Controlling folder access in Windows can keep attackers away from your important folders but may also be a bit inconvenient. For example, gamers might find that access to saved files may be blocked by default since they are typically stored in the “Documents” folder.

You can address this issue with minimal effort by adding applications to the access list or by saving game files to other folders on your computer that don’t have controlled access. (You simply need to use third-party software to set up a schedule for regular backups.)

You can also protect your Windows PC from other online threats.

If you prefer more sophisticated software and additional protection, you might also consider upgrading your antivirus software. For example, Norton 360 Deluxe, our current top pick for antivirus software, bundles robust malware protection with features like VPN, password manager, and personal data dark web monitoring. It can help streamline the process of keeping yourself safe online.

Leave a Reply

Your email address will not be published. Required fields are marked *