Enhance Windows 10 Security with Controlled Folder Access


Controlled folder access adds extra security to Windows 10 by monitoring protected folders for changes that apps attempt to make. Here’s how to turn it on.

The Windows 10 Fall Creators Update will include new enhanced security features via the built-in Windows Defender Security Center. One of those enhancements is Controlled Folder Access (CFA). Its purpose is to guard your protected folders against malicious threats such as the increasingly sophisticated ransomware attacks that keep cropping up.

Starting with Insider Build 16232 CFA monitors changes that apps try to make to files in protected folders. This feature also lets you manually add additional folders you want to be protected and the apps you want to allow access.

According to Microsoft exec Dona Sarkar: “Controlled folder access monitors the changes that apps make to files in certain protected folders. If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt. You can complement the protected folders with additional locations, and add the apps that you want to allow access to those folders.”

Enable Controlled Folder Access in Windows 10

To enable this extra protection, open Windows Defender Security Center and then select Virus & threat protection settings.

1 virus-threat-protection

Next, select Virus & threat protection settings.

Threat Protection

On the next screen, scroll down and toggle the Controlled folder access on and confirm the action if prompted by UAC.

Controlled Folder Access

Windows system folders are protected by default, but you can also add more protected folders manually. To do that, click on the Protected folders link and select Add a protected folder and browse to the folder you want to be protected.

 add folder

You can also choose which apps are allowed to access protected folders. Just click the Allow an app through Controlled folder access link and then click Add an allowed app. Then browse to the app’s executable file that you want to let through.

allow app

If an app is blocked from making changes to files in a protected folder you’ll see a notification of what was blocked.


Microsoft is adding more layers of security to the next major upgrade for Windows 10 and giving users more control over those settings. For instance, check out our article on how you can increase the Windows Defender Cloud Protection level.

Do you like the idea of more built-in security options coming to Windows 10? Let us know in the comments below and for more discussion make sure to check out our Windows 10 Forums!



  1. ramu kaviyoor  

    This option is missing in my Windows10x64 Home.

    • murli  

      it’s currently available in insider testing builds

  2. Sasha99  

    Will Windows defender work along side or compete against my other antivirus program?

    • In most cases yes. But, it’s not recommended or needed. Don’t forget, Microsoft is getting data on virus and malware from hundreds of millions of systems. Been running Defender for years with no issues. Highly recommend them on Windows systems to my readers.


  3. dwmc2  

    Experimenting with / using Controlled folder access (now released). To allow an app to save to any controlled folder, you must add the app (full pathname) to the list AND close and restart the app. When an app encounters the protection, it will show an alert “folder not found” and a popup window will BRIEFLY give the partial app file name. You must find the full app filename and add it to the list.

    Surprisingly, some Windows utilities such as Windows Fax and Scan (WFS.exe) are not pre-registered to save items into a controlled folder.

  4. Arthur Mussman  

    A virus uses controlled folder access to deny use of Quicken.

  5. Dale Newcomer  

    How does the pc owner remove folders he added to the Protected Folder area?

Leave a Reply

Your email address will not be published. Required fields are marked *


To Top