NAC is often used for something other than its original intent and here is another such case.

Products with NAC agents often support popping up notices to users. In classic NAC, these notices inform users that their machines don’t meet certain policies and in some cases instruct them how to remediate the machines so they do comply.

But the notices can be about anything. As long as the NAC policy decision point determines a policy has not been met, it can trigger a notification.

So if there is a business process event that must occur and it can be tied to the results of a NAC test, a notice can be sent. So if a test shows that a quarterly budget report, for instance, has not been sent, a NAC policy can send notification.

And as a stick, the notice can say that if the report isn’t filed by a certain date, the user loses certain network privileges.

Many NAC customers already use the technology as a backup to patch management software. If testing of endpoints shows an operating system or application below the acceptable version, it can trigger a notice to the end user and also to network administrators.

Perhaps NAC has not been used more to back up business processes because network users on the business side of the house don’t have a deep enough understanding of NAC to recognize this potential.

It might be something the IT side of the house could suggest as a way increase the perceived value of NAC outside the IT department. (Compare NAC products)

Tim Greene is senior editor at Network World.