---
title: Policy CSP - SmartScreen
description: Use the Policy CSP - SmartScreen setting to allow IT Admins to control whether users are allowed to install apps from places other than the Store.
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: dansimp
ms.localizationpriority: medium
ms.date: 09/27/2019
ms.reviewer:
manager: dansimp
---
# Policy CSP - SmartScreen
## SmartScreen policies
-
SmartScreen/EnableAppInstallControl
-
SmartScreen/EnableSmartScreenInShell
-
SmartScreen/PreventOverrideForFilesInShell
**SmartScreen/EnableAppInstallControl**
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
Allows IT Admins to control whether users are allowed to install apps from places other than the Store.
> [!Note]
> This policy will block installation only while the device is online. To block offline installation too, **SmartScreen/PreventOverrideForFilesInShell** and **SmartScreen/EnableSmartScreenInShell** policies should also be enabled.This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.
ADMX Info:
- GP Friendly name: *Configure App Install Control*
- GP name: *ConfigureAppInstallControl*
- GP path: *Windows Components/Windows Defender SmartScreen/Explorer*
- GP ADMX file name: *SmartScreen.admx*
The following list shows the supported values:
- 0 – Turns off Application Installation Control, allowing users to download and install files from anywhere on the web.
- 1 – Turns on Application Installation Control, allowing users to only install apps from the Store.
**SmartScreen/EnableSmartScreenInShell**
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
Allows IT Admins to configure SmartScreen for Windows.
ADMX Info:
- GP Friendly name: *Configure Windows Defender SmartScreen*
- GP name: *ShellConfigureSmartScreen*
- GP path: *Windows Components/Windows Defender SmartScreen/Explorer*
- GP ADMX file name: *SmartScreen.admx*
The following list shows the supported values:
- 0 – Turns off SmartScreen in Windows.
- 1 – Turns on SmartScreen in Windows.
**SmartScreen/PreventOverrideForFilesInShell**
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
Allows IT Admins to control whether users can ignore SmartScreen warnings and run malicious files.
ADMX Info:
- GP Friendly name: *Configure Windows Defender SmartScreen*
- GP name: *ShellConfigureSmartScreen*
- GP element: *ShellConfigureSmartScreen_Dropdown*
- GP path: *Windows Components/Windows Defender SmartScreen/Explorer*
- GP ADMX file name: *SmartScreen.admx*
The following list shows the supported values:
- 0 – Employees can ignore SmartScreen warnings and run malicious files.
- 1 – Employees cannot ignore SmartScreen warnings and run malicious files.