diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
index 29ed15335f..938a3a3512 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
@@ -53,6 +53,8 @@ For more information about disabling local list merging, see [Prevent or allow u
 >If controlled folder access is configured with Group Policy, PowerShell, or MDM CSPs, the state will change in the Windows Security app after a restart of the device.
 >If the feature is set to **Audit mode** with any of those tools, the Windows Security app will show the state as **Off**.
 
+>If you are protecting user profile data, it is recommended that user profile should be on default Windows installation drive.
+
 ## Intune
 
 1. Sign in to the [Azure portal](https://portal.azure.com) and open Intune.