Definition: Mandatory access control (MAC) is one of several methods for controlling access to an information infrastructure. When in place, MAC allows tighter, more granular control over the organization’s information assets.
A level of security classification (e.g., confidential) is assigned to each information asset, and every user of the system is assigned an appropriate level of privileges. The ability to access and use an information asset is therefore restricted by “levels of clearance”. MAC also addresses the matter of who can read and who can write (or modify) information resources. All of this should be controlled by formal security policies.
An information security policy should, however, be in place.
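As an added example (not part of the original page), the comparison of a user's clearance against an asset's classification can be written as a small decision function. The read and write rules follow the Bell-LaPadula confidentiality model, which is an assumption because the page does not name a specific rule; the level names other than "confidential", the users and the assets are constructed.

```python
from enum import IntEnum
from typing import NamedTuple

class Level(IntEnum):
    # Only "confidential" is named on the page; the other labels are constructed.
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2

class Subject(NamedTuple):
    name: str
    clearance: Level

class Asset(NamedTuple):
    name: str
    classification: Level

def mac_decide(subject: Subject, asset: Asset, action: str) -> tuple[bool, str]:
    """Decide one request from the labels alone; anything unrecognised is denied."""
    if action == "read":
        # Assumed rule (Bell-LaPadula "no read up"): clearance must dominate the label.
        allowed, rule = subject.clearance >= asset.classification, "no read up"
    elif action == "write":
        # Assumed rule (Bell-LaPadula "no write down"): data may not flow to a lower label.
        allowed, rule = subject.clearance <= asset.classification, "no write down"
    else:
        return False, "denied: unknown action"
    return allowed, "permitted" if allowed else f"denied: {rule}"

# Constructed sample users, assets and requests.
ALICE = Subject("alice", Level.SECRET)
BOB = Subject("bob", Level.PUBLIC)
PAYROLL = Asset("payroll.db", Level.CONFIDENTIAL)
NEWSLETTER = Asset("newsletter.txt", Level.PUBLIC)
REQUESTS = [
    (BOB, PAYROLL, "read"),
    (ALICE, PAYROLL, "read"),
    (ALICE, NEWSLETTER, "write"),
    (BOB, PAYROLL, "write"),
    (ALICE, PAYROLL, "delete"),
]

def evaluate(requests):
    """Return an audit trail of (user, action, asset, allowed, reason) tuples."""
    return [(s.name, a, o.name, *mac_decide(s, o, a)) for s, o, a in requests]

if __name__ == "__main__":
    for row in evaluate(REQUESTS):
        print(row)
```

Neither user can change a label to get a different answer: the decision depends only on the assigned levels and the policy rules.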
Its Relevance: MAC provides the highest level of control over the right to use information resources. However, the method also requires the greatest amount of overhead or maintenance due to the required level of detail. Authorizing privileges by group provides more robust information security. The level of security that is applied comes closer to a "need to know" basis.