Recently while listening to Security Now Episode No 732, mention was made of Ransomware Protection built into Windows Security in Windows 10.
It is “Off” by default, but it is a good idea to turn it on. I have deliberately not mentioned this to most of my friends as it can be a bit confusing to use and most ransomware attacks are targeted.
I have had it turned on for some time, but I admit that the earliest versions were annoying. The biggest challenge was finding a program file being blocked to place it on the “white list” so it could run. This was particularly the case with store type Apps rather than traditional programs.
However, the latest versions have largely solved this with a “Recently Blocked Apps” button in the “Add an Allowed App” section to make it easy to put a wanted program on the white list.
Ransomware Protection is located in All Settings / Update and Security / Windows Security / Virus & Threat Protection / Ransomware Protection. It consists of two parts:
1. Controlled Folder Access – A white list of allowed programs/Apps; and
2. Ransomware Data Recovery – Back up to One Drive of certain folders.
Naturally the Back Up to One Drive part is limited by the amount of space you have on One Drive. If you only have the free 5 GB, you will not be backing up things like the Pictures folder. However, in my case I have the large allowance that comes with Office 365.
When it is first turned on, you have to spend considerable time adding to the allowed apps list but, over time, as more programs and apps are listed, it only needs attention when you install a new program / app.
I have it turned on and, in addition, once a week I run a manual back up to an external drive that is only attached to the computer during the back up. This might be “overkill” but is just me. I still use Sync Toy for this even though Microsoft does not list any OS after Win 7 under System Requirements for Sync Toy 2.1.