This guide will show an administrator how to remove a protected folder, reinstating files to be modified or deleted freely on the folder again for Intune joined devices.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
Device Controlled Folder Access Protected Folder Removal
- Navigate to the Attack Surface Reduction – Intune portal, locate and select the Security Essentials Attack Surface Reduction policy or an equivalent ASR Rules policy.
- Scroll down to Configuration Settings and select Edit.
- The default rules will be displayed. Locate the Controlled Folder Access Protected Folders option, select the desired protected folder that no longer needs the additional security control enforcement. Select the Remove button after the entry has been selected (indicated by a blue checkmark). After the Remove action has been carried out, the entry should no longer be present in the list below. Select Next to proceed to the review section.
- From the Review section, you will be able to select the Settings dropdown to verify that the removed protected folder is no longer present. Select Save to finalize the protected folder removal. Rule changes propagate in less than 24 hours.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.