Anti-Virus Exceptions

This article explains how to configure Windows Security Exceptions required for proper SSProtect operation.

Overview

SSProtect utilizes a host-based software component, the :Foundation Client, to protect and manage sensitive application data with minimal impact to your daily affairs. The software implements a complex set of coordinated activities that work behind the scenes, on your behalf, to reduce reliance on purposed operations typically required by file encryption software.

Defense In Depth

SSProtect was designed to work in conjunction with other data security software technologies, implemented Defense in Depth: With a variety of techniques operating at the same time, intruders are forced to elevate the sophistication of their attacks lest they are detected, flagged, and defeated. This requires security software to minimize its' impact to the host computing environment.

Host Interoperability

Unfortunately, software can't always fully achieve complete independence, and as a result, certain operations have an impact on the facilities on which SSProtect relies. This is not uncommon when working with Anti-Virus/ Anti-Malware software and other host-based protections, and as a result most if not all (credible) vendors offer a way to define Exceptions such that AV/ AM software doesn't interrupt a legitimate protective mechanism offered by another.

Windows Security Exceptions

Windows 10 includes fairly advanced host-based protections, however they can and sometimes do have an impact on legitimate SSProtect operations. For this reason, it is important to configure one or more Exceptions for SSProtect.

Use the following procedure to configure the noted Exception:

1. Use the notification tray near the taskbar's Date/ Time display to locate the Windows Security icon
2. Right-click Windows Security and choose, View security dashboard from the menu
3. Click Virus & threat protection, then Manage Settings under Virus & threat protection settings
4. Scroll down to Exclusions and click Add or remove exclusions
5. Click Add an exclusion then choose Process
6. Enter SSProtect.exe then click Add
7. Click Add an exclusion again, then choose Folder
8. Navigate to C:\Program Files\DefiniSec\SSProtect and choose Select Folder

This informs Windows Security to allow SSProtect (and its' supporting components) without limitations, avoiding the potential for false-positives that would otherwise prohibit normal operation (which would then inhibit proper SSProtect operation, exposing content to other, real threats).

Controlled Folder Access

Controlled Folder Access is a Windows Security technology designed to stop malicious applications from accessing and/ or manipulating data in specific mass storage locations. This facility is not compatible with SSProtect, and must be disabled in order for SSProtect to operate properly.*

If you're using SSProtect to manage all sensitive content stored on your host computer, you can disable Controlled Folder Access as follows:

1. Use the notification tray near the taskbar's Date/ Time display to locate the Windows Security icon
2. Right-click Windows Security and choose, View security dashboard from the menu
3. Click Virus & threat protection, then Manage settings under Virus & threat protection settings
4. Scroll down to Controlled folder access and click Manage Controlled folder access
5. Slide the On/ Off toggle switch to the Off position to disable Controlled Folder Access

If you choose to enable Controlled Folder Access, you can preclude conflicts with SSProtect as follows:

1. Click Protected folders and limit scope to locations you will not use with SSProtect'd content
2. Click Allow an app through Controlled folder access
3. Verify the presence of C:\Program Files\DefiniSec\SSProtect.exe, which will be present if you configured the Exclusion in the previous section
4. If SSProtect isn't already excluded, click Add an allowed app
5. Use the given controls to find and configure C:\Program Files\DefiniSec\SSProtect.exe

NOTE: We do not recommend concurrent use of Controlled Folder Access and SSProtect since it requires that you remember and purposely avoid specific Folders. This is an error-prone approach that can create attacker opportunities.

Other Anti-Virus and Anti-Malware Software

Most business Anti-Virus/ Anti-Malware software* is compatible with SSProtect even without Exception configuration. However, when it doubt and/ or if you encounter unpredictable behavior, refer to your vendor's documentation to configure an Exception for SSProtect and its' associated components as noted above. Use the resources in the following section for additional assistance.

* Kaspersky seems to oscillate between functional and not functional as new updates are released. For this reason, we recommend configuring the appropriate Exception(s) even when testing indicates that software is operating as expected.