Data Protector function

Archive
1

Can someone please explain the function of the Data Protector feature? What exactly is the result of adding an extension and the process that handles that extension. For example, if I add the extension associated with backups created by my system backup application, and I add the backup application’s executable to the process white list, does that mean that no other process can either modify or delete files with that extension? What about windows explorer – can that process still delete files with extensions that have been added? It is totally not clear to me what protection is being enforced, or what the ramifications are to the authorized user versus some malicious actor.
Product - Norton 360 Deluxe
OS - Windows 10 Pro

2

I found the article https://www.vssmonitoring.com/norton-antivirus-review/#Data_Protector_for_Ransomware, which says “Using machine learning, Norton Data Protector automatically identifies the most sensitive and crucial files on your computer and prevents any application from imposing any unauthorized encryption.” Is preventing unauthorized encryption the only protection offered by Data Protector? Does the Norton statement that Data Protector “uses Norton reputation technology to identify a process as safe, malicious, or unknown” mean that the only those processes which do not perform unauthorized encryption are considered safe? Or, are other criteria in play? If so, what are they? For example, does Data Protector also stop unauthorized modification or deletion of user files? And, is it necessary to white list an application judged safe by the user only if Data Protector incorrectly determines the application to be unsafe, inadvertently preventing the application from accessing files?

3

Maybe, Norton documentation offers help for your concerns?

Configure Data Protector to block malicious processes affecting your PC
Data Protector protects your PC from malicious processes that intend to destabilize your PC, corrupt and/or steal your data, and propagate the malicious nature to other good processes. It uses Norton reputation technology to identify a process as safe, malicious, or unknown. Depending on your situation, you can add more folders and/or extensions and can also exclude processes for scanning and protection.

https://support.norton.com/sp/en/us/norton-360/22.21.1.151/solutions/v130571264 

FWIW ~ Data Protector feedback
https://community.norton.com/en/forums/data-protector-feedback

Lets hear from Community