Ransomware hackers continue to threaten K-12 schools. There are different types of ransomware, but all prevent access to a school or district’s computing resources until a ransom is paid. Although it’s tempting to rely on automated technologies such as patch management and anti-virus software, simply leaning on these devices is not likely to be enough to avoid losses. Ransomware targets endpoints, so IT leaders can protect endpoints through different security controls. Endpoint protection bundles can include advanced anti-malware, anti-spam, antis-phishing, and firewalling capabilities for desktops and laptops. Unified threat management solutions offer safeguards for servers. You can also manage your vulnerability with regular system updates of your endpoint’s OS and applications. IT leaders can also double-down on configuration management. Some ransomware takes advantage of weak security configuration settings. Districts should create security configuration checklists for managing their endpoints. When all else fails, you can use application whitelisting, which means that a system will approve an executable to run only if the school district has specifically approved its use. However, to be effective, whitelisting needs to be kept up to date.