By Tony Wilson
We are often asked how to prevent, or alert the user that, an untrusted file has been downloaded from the internet. This is a requirement of Cyber Essentials and relates to question 4.5 of our questionnaire.
It is often a good idea to check your anti-virus programme as it may have options to prevent such files running – or at least provide sufficient warning about the file you are about to run.
Windows allows Software Restriction Policies (SRPs) to be deployed. As the name suggests, software can be prevented from running under certain conditions (such as from the downloads area. Be careful with this as it is possible, if badly configured, to actually stop every file from running on the computer (including Operating System files) and effectively locking you out of the device. For further information on SRPs please check out this Microsoft link: https://technet.microsoft.com/en-us/library/bb457006.aspx
Attachment manager has been a well kept secret by Microsoft since its inclusion in all Windows Operating Systems since XP. This feature controls the behaviour associated with downloaded files from the internet. More information can be found here: https://support.microsoft.com/en-us/help/883260/information-about-the-attachment-manager-in-microsoft-windows though we have included a simplified overview here.