5.3. Mobile NAC and Direct Attacks
You now know why companies look at Mobile NAC, but what does it actually protect against? Mobile NAC helps protect against the following:
Direct attacks
Wireless-related attacks
Malware
5.3.1. Exploiting Laptops with Direct Attacks
Whether it's war, boxing, football, or computer security, it's just plain easier and more effective to attack the weakest point. If a football team has a defensive line that can't stop the run, then run the ball right at them. If you're boxing and your opponent has a bad head cut, hit your opponent in the bad cut. If a company spends millions of dollars protecting its LAN but doesn't protect its laptops, attack its laptops.
Here are two important tactics to realize about hackers:
Tactic 1 — They will target companies specifically.
Tactic 2 — They don't care who their target is. If the target is vulnerable, they'll attack.
Regardless of the tactic, hackers will go for the weakest link first. Often, that weakest link is the mobile user. If the hackers' goal is to break into BigCompany, Inc., then the hacker can try many different means to break into that company. If the hacker can't break through BigCompany's LAN defenses, he or she can simply try to attack the company's laptops.
If hackers don't care whom they exploit, they will simply look for a vulnerable device and attack. Everyone has something valuable, or sometimes they just want to use the device as a means to attack other systems. The question to enterprises is ...
Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
