Security Lighthouse uses the CACA Model to monitor information relevant to security. This model enables efficient support of the PDCA check cycle in information security management to ISO/IEC6 27001.

Data is initially collected (Collect) from various security systems and compared in an analysis (Analysis) of the threshold and limiting values.
The results are subsequently analysed in diagrams, lists and reports, and displayed geographically in the Security Information Map in red, amber and green. This provides security managers and administrators with a web-based tool allowing them to check (Check) the security status at their company in a simple and intuitive manner.
The Act Phase kicks in following viewing and analysis. During this phase alerts are dispatched per text message, or support provided for decision-making on the security status. The results of the analysis and the evaluations form an information base for measures to continually improve the security situation.

AMPEG Security Lighthouse processes the security information according to the CACA Model's Collect, Analyse, Check and Act phases:

Collect

• Relevant security information is collected every quarter of an hour from mail, web security and patch management applications, or other security applications, and standardised and saved to a central, SQL database.
• Information on currently available pattern/virus signatures and updates is downloaded from the manufacturers of the security applications.
• The security information collated is held for up to a year for making monthly and quarterly comparisons.

Analysis

• Security guidelines can be defined using threshold and limiting values that correspond to past experience in the company. Example: the global pattern rollout for 80% of the computer systems should take no longer than 80 hours.
• Status analyses: if the limiting values for security guidelines are exceeded at any one location this is displayed in red on the world map.
• The proprietary network's security status is checked against currently available patterns and manufacturer's updates.

Check

• The data collated is automatically analysed to check the electronic security status and presented in diagrams, lists and reports.
• The Security Information Map displays the security status geographically in colours alternating between red, green and amber. It also provides a unique method of zooming in from the world map view to the location view.

Act

• Support while checking the current security status to determine whether the end points in the corporate network are sufficiently protected against current threats and weak spots.
• Improvements to information security using focussed, on-the-fly data analyses.
• Targeted analysis and evaluation of data across all borders enables the efficient support of processes for continuously improving electronic security.
• Automatic dispatch of text message and e-mail alerts.