5.3. Mobile NAC and Direct Attacks

You now know why companies look at Mobile NAC, but what does it actually protect against? Mobile NAC helps protect against the following:

  • Direct attacks

  • Wireless-related attacks

  • Malware

5.3.1. Exploiting Laptops with Direct Attacks

Whether it's war, boxing, football, or computer security, it's just plain easier and more effective to attack the weakest point. If a football team has a defensive line that can't stop the run, then run the ball right at them. If you're boxing and your opponent has a bad head cut, hit your opponent in the bad cut. If a company spends millions of dollars protecting its LAN but doesn't protect its laptops, attack its laptops.

Here are two important tactics to realize about hackers:

  • Tactic 1 — They will target companies specifically.

  • Tactic 2 — They don't care who their target is. If the target is vulnerable, they'll attack.

Regardless of the tactic, hackers will go for the weakest link first. Often, that weakest link is the mobile user. If the hackers' goal is to break into BigCompany, Inc., then the hacker can try many different means to break into that company. If the hacker can't break through BigCompany's LAN defenses, he or she can simply try to attack the company's laptops.

If hackers don't care whom they exploit, they will simply look for a vulnerable device and attack. Everyone has something valuable, or sometimes they just want to use the device as a means to attack other systems. The question to enterprises is ...

Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.