Enable controlled folder access
Implementation Effort: Medium: Customer IT and Security Operations teams need to drive projects to configure and deploy controlled folder access using various methods.
User Impact: Medium: A subset of non-privileged users may need to be notified of changes, especially if they need to interact with protected folders or trusted applications.
Overview
Controlled folder access is a feature in Microsoft Defender for Endpoint that helps protect valuable data from malicious apps and threats, such as ransomware. It can be enabled and configured using several methods, including Group Policy, PowerShell, Microsoft Configuration Manager, and Mobile Device Management (MDM), fitting into the Zero Trust framework by ensuring only trusted identities can access protected folders.
Reference
Enable controlled folder access - Microsoft Defender for Endpoint