IT Week: As managing director of web filtering specialist Bloxx, can you tell me a little about the history of the company?

Eamonn Doyle: We were initially an academic concern and about three years ago investors came on board to take our technology to market. We thought there was scope to provide something more than the traditional software solution, which is dependent on a database of URLs and purchased on a cost-per-user model. We decided to turn that on its head and appeal to the people using and managing web filtering in firms. Network managers have enough on their plate without having to worry about web filtering. They want something that will do the job [of filtering] so they can get on with more important work.

How has the content security market changed over the years?

In the late 1990s it made sense to build a database of [forbidden] URLs, but with the massive growth of the web there are billions of URLs now, so you need to complement this with lexical analysis. In addition, the web is a lot more dynamic, changeable and self-administered now, user-generated content sites such as MySpace are one example, so the idea of tracking traffic by the URL alone is increasingly redundant. The URL database is a blunt tool.

Are there still web filtering specialists around that rely on URL blocking alone?

It's one of the ironies of this game that the bigger the firm, the more they claim to have and the less they actually have. In our experience an individual can manually rate between 400 and 600 sites a day, while automated technology can do closer to four million. Every week we identify an organisation claiming to have real-time technology, but they donít.

So what drives investment in web filtering tools?

Different people in the organisation have different angles: the IT department wants to get good value from what they're buying, and know theyíll be asked the difficult questions if there is a security breach. HR and finance are interested in a broad spectrum of legal requirements and productivity issues. A while ago there was a disconnect between IT and the board, but Iím not so sure thatís the case anymore; most organisations appreciate the need for co-operation.

How do you see the web filtering market developing?

There has been a lot of consolidation recently. Websense's agreement to acquire SurfControl is particularly significant for us, because if you're at number three in a market and one and two combine, you move up. End users are unlikely to gain much from the deal, however. When Websense and SurfControl were in direct competition, prices were very competitive, but thatís not going to happen now. But itís not our job to educate the market, itís our job to offer a mature alternative to first-generation web filtering. Weíre hoping to announce significant expansion plans through organic growth in mainland Europe later this year and the US at the start of next year.

Do you think the new Internet Explorer 7 toolbar will make web surfing safer?

People should have multiple layers of defence so weíre quite happy to see anything that provides a complementary layer to what we do. If Microsoft gets involved it can only be good because it brings these security issues to light and raises the profiles of firms like us that are involved with resolving them.

Do you regard your company as a possible target for acquisition?

Not just now. We've still got a lot of value to add. If someone came knocking one day and asked us nicely we might listen, but itís still too early.

Who is your primary point of contact in an organisation?

It is either the IT manager or the security officer, depending on the organisation. Our products appeal to these people because of their simplicity. They are out-of-the-box solutions offering automated reporting, and are far less complex in terms of installation and licensing than many other solutions. By automating the reports and directing them to the appropriate heads of department, our product helps the IT manager do their job and fulfil all of their requirements, and it removes them from the front line.

Do you have difficulty recruiting?

Not really. Technology and industry come together quite well in Scotland, which is where weíre based. Scottish universities are very well organised when it comes to getting industry experience for their students, and it's a two-way street because they provide the industry [with talent] as well. But you have to be careful when undertaking a project with a university because their definition of a successful project is not always the same as a commercial one - it could be simply to prove that something is not the right avenue to take. So as a business you have to think carefully about what projects you get involved with and what the return is.