Before internet communications took off in the early 1990s, computer security was essentially a matter of physical protection: activities like contingency planning for fire and flood, restricting the number of people who could access terminals or preventing employees from inserting floppy disks that might contain viruses into company PCs. Locks and logbooks were still pieces of hardware.

Online environments presented different challenges and required new methods of authenticating users, verifying transaction data and detecting suspect files. The practice of IT security, indeed, moved online through the introduction of managed services. This archive looks back through the transition years.

Ireland’s software industry made a significant contribution to online security through the development of encryption toolkits, firewalls and identity management applications. Much of the expertise came out of academic research and the participation of Irish organisations in European Union programmes. Other developers entered the field through their practical experience of delivering information or recording payments over the internet.

The archive begins in the early 1990s when the consulting firms that had traditionally advised data centres on how to protect their systems were eclipsed by security product companies. Some developed their own applications. Others sourced and distributed emerging types of security software. It culminates after the turn of the century, when the limitations of technologies for e-mail encryption and digital certificate management were becoming evident and an over-ambitious identity management project was trying to streamline online access to Ireland’s state services.

Online Security – Controls, Certificates and Cryptography

Interactive timeline unavailable. This is the text only version.

1990 Rits launch Dublin-based Rits was established as an information security specialist. The company described itself as the first in Ireland that was dedicated to developing IT security solutions.
1990 McAfee arrives Systemhouse Technology introduced the McAfee range of anti-virus products to Ireland.

At this time McAfee Associates was a small specialist firm with around a dozen staff in Santa Clara, California.

August 1990 Baltimore changes direction Baltimore Technologies named Pat Cremin as managing director. Cremin had previously worked at Ericsson, where he led the development of an experimental cashless payment system.

Under his predecessor, Jim Mountjoy, Dublin-based Baltimore had focused on software development and consultancy services for telecommunications providers and European research programmes. It had also built up a sideline in cryptography, which now became its core activity.

Company owner Michael Purser was a Trinity College Dublin lecturer in  computer science and mathematics. Baltimore’s concentration on the mathematics behind public key cryptography reflected his research interests.

January 1991 EuroKom restructures UCD campus company EuroKom was reorganised as a self-supporting business.

EuroKom ran online conferencing and database services for participants in European research programmes under a series of short-term contracts from the European Commission. These services were previously managed by UCD Computing Ltd, a spinoff from the college’s internal IT service.

The company’s new status allowed it to seek additional customers among commercial organisations, financial institutions and government agencies. EuroKom gradually evolved into a managed e-mail specialist, screening customers’ messages for viruses and other malware.

1991 Civil service awareness The Central Information Technology Service (CITS) at the Department of Finance designated 1991 as a ‘security awareness year’ for the civil service.

The group, which had introduced a government telecommunications network in 1989, issued guidelines for risk reduction on wide area networks. CITS also released its own series of papers on computer security during the year.

March 1991 Crypto-System Toolbox Baltimore Technologies launched its Crypto-System Toolbox (CST), a system for building secure applications for tasks like electronic funds transfer, e-mail and document exchange.

The toolset offered a choice of cryptographic algorithms, including the company’s own proprietary algorithm, as well as access control and secure backup features. Baltimore marketed CST as a standalone system as well as using it to develop applications for customers.

April 1991 Encrypted phone calls Intrepid launched the Milcode secure telephone for military and government users, based on a combination of speech processing and encryption technologies. The company designed this product with assistance from all three Dublin universities and the defence  forces.
May 1991 Symantec facility Symantec commenced the production of packaged software for customers outside North America at a new facility in Blanchardstown.

The company had recently entered the anti-virus product trade by acquiring Peter Norton Computing. At this time, however, its security software was just one element in a broad portfolio of applications and utilities for Windows and Macintosh computers.

January 1992 Michelangelo A PC virus that was designed to activate itself on 06 March, the birthday of Renaissance artist Michelangelo, attracted international attention, particularly when it was reported that respected computer and software manufacturers had inadvertently shipped it to their customers.

The Michelangelo virus spread via floppy disks and corrupted data on hard drives and floppy disks alike. The actual level of damage on 06 March was fairly low, but the alerts increased public awareness of virus threats in much the same way as the online virus incidents of later years.

March 1992 Securing Cosine The Cooperation for Open Systems Interconnection Networking in Europe (Cosine) project commissioned Dublin-based Baltimore Technologies to introduce, prove and operate security mechanisms for selected services. The contract was valued at €350,000 and was the latest in a series of tasks that Cosine awarded to Baltimore.

The Cosine project was a major component in the industry-led Eureka research and development programme. It focused on computer networking for the European academic and industrial research community, promoting the OSI model and specifications.

May 1992 Anti Virus Service Technology Systems Dublin launched a new subsidiary, Anti Virus Service, headed by Eamonn Gilmore. The start-up offered data protection software from three established product vendors: Symantec, Dr Solomon’s and Sophos.
1992 Dr Solomon’s debut Dun Laoghaire-based start-up Priority Data Systems introduced Dr Solomon’s anti-virus products to Ireland.

Managing director Alec Florence founded the company to specialise in security consultancy and products for personal computer networks.

August 1992 Infection level Security software distributor Renaissance Contingency Services estimated that 90 per cent of Ireland’s top 500 companies had experienced some form of virus attack over the previous year.

Renaissance, which was formed in 1987 by Denis Woods and Michael Conway, supplied and supported virus scanning software from Sophos.

October 1992 Disknet Data protection software vendor Reflex Magnetics appointed Waterford-based consultant Richard Foley as its Irish agent. Disknet safeguarded computers against virus infection by monitoring the exchange of disks from one system to another.
April 1993 Bulletin board Richard Foley established the Bugblatter bulletin board system to distribute international reports of new computer viruses. The service grew out of his marketing of Reflex Magnetics’ Disknet data protection software for PC networks.
October 1993 PC Review Security software developer Rits released the first version of its PC Review product and supplied copies to Aer Rianta and AIB.

This inventory management application logged the numbers and locations of systems and software licences in organisations with large collections of PCs.

1994 PD Secure Priority Data Systems launched its PD Secure access control and security product for PCs. The software combined visible controls, such as password protection, with owner registration and administration procedures that end users could not see.
1994 Firewalls from Galway Digital Equipment formed an internet security product development unit at its European software centre in Galway. This group initially worked on the corporation’s firewall technology for Unix-based servers.
February 1995 Teri Hatcher incident A postgraduate student at Dublin City University uploaded pictures of American actress Teri Hatcher to the web, attracting an unprecedented volume of internet traffic and an unexpected spike in network charges.

This incident led HEAnet’s network management committee to formulate policies on user access and traffic control. Its action, in turn, alerted the wider internet community to the need for new approaches to service administration.

March 1995 PC monitoring Rits released version 2 of its PC Review monitoring application for PC software and hardware inventories.

Designed for organisations with at least 70 computers, this was the first edition of the product that was made widely available. Renaissance Contingency Services distributed PC Review in Ireland. Rits also appointed resellers in Belgium and the UK.

April 1995 Inflo emerges Co-founders David Doherty and Maurice McMullin launched Inflo Communications to distribute and support high-level messaging systems and internet gateways. These included enterprise communications products from Canadian vendor SoftArc.

The Donegal-based company subsequently developed its own software and evolved into an e-mail security specialist.

July 1995 ICL’s encryption ICL’s information technology centre in Leopardstown demonstrated new encryption software for location codes on the World Wide Web. This technology offered access controls and billing mechanisms for electronic publishing and retailing.
August 1995 WW6Macro Security specialists reported the first sighting of a virus that infected systems via document files rather than executable code. WW6Macro was also the first ever multi-platform virus, affecting multiple versions of Microsoft Windows and Apple Macintosh computers.
October 1995 Internet mail checker Integralis appointed Priority Data systems as a distributors for its MIMEsweeper. This software offered automatic checking for incoming e-mail and alerted network managers to the presence of any viruses.
January 1996 PC protection Dublin-based Rits, developer of the PC Review inventory monitoring system, introduced three complementary products: PC Logon for access control product, Private File for encryption and Drivelock Control, which provided boot protection.
March 1996 Civil service firewall Silicon Graphics’ Irish distributor Sysnet recorded its first firewall sale in conjunction with the HEAnet’s contract to provide internet connectivity to the civil service.

This project required just a single firewall server – an entry level Indy workstation running Gauntlet security software, which was originally developed by US vendor Trusted Information Systems.

1996 Local government messaging The Local Government Computer Services Board selected EuroKom to provide managed e-mail services to all local authorities. The company subsequently developed direct relationships with individual city and council councils, offering a broad range of connectivity and secure communications options.
1996 Baltimore sold Baltimore Technologies’ founder Michael Purser sold his network security software firm to a team financed by Dermot Desmond. Fran Rooney, who had previously worked in Quay Financial Software, became managing director.

The company’s new leaders were more focused on software products than their predecessors, concentrating on encryption and certification tools for internet communications and electronic commerce.

August 1996 Priority in America Priority Data Group opened a North American sales and support office for its PC Secure access control software in Natick, Massachusetts. The company also expected its US subsidiary to resell security products from other vendors.
November 1996 Trintech integrates Trintech Group and Microsoft announced an agreement to integrate Trintech’s PayWare payment processing software with Microsoft Merchant Server. This combination supported the authorisation and management of purchases through the internet. Bank of Ireland became the first financial institution to implement Trintech’s technology for web commerce.

Dublin-based Trintech was also working with Netscape Communications on a version of PayWare that integrated with Netscape’s SuiteSpot server software.

Both of these alliances involved compliance with the Secure Electronic Transaction (SET) industry standard, which facilitated secure credit card payments over the internet.

January 1997 Online banking begins Bank of Ireland became the first bank in the country to offer secure online banking services to personal customers.

The Banking 365 On-line service used Digital Equipment’s DECmessageQ to access account information in the bank’s mainframe systems. Nested firewalls and 64-bit key encryption secured the service.

February 1997 Secure web sites Internet service provider EUnet Ireland launched a secure web site hosting service that used digital encryption to protect portions of its customers’ sites. Known as InterWeb Plus, the service encrypted the information transmitted from virtual servers to authorised viewers.

EUnet reported a high level of interest from organisations that held personnel records and credit card data.

February 1997 UniCert unveiled Baltimore Technologies announced the UniCert system for issuing and managing digital certificates that authenticated the identities of internet users. This Certification Authority software was the centrepiece of  the company’s new series of  security  products, all built with its Crypto Systems Toolkit.

Baltimore had recently signed a major contract with the European Union to introduce a Certification Authority service throughout Europe. This service, Unitrust, was scheduled to start in July 1997.

March 1997 TrustedWeb Software and Systems Engineering Limited (SSE) launched TrustedWeb, an access rights management system for web servers.

SSE, a subsidiary of Siemens and Siemens Nixdorf, was based in Dublin and had previously specialised in developing OSI applications. TrustedWeb, which originated in an EU research project, permitted or prohibited client browsers to access servers according to the users’ roles. 

The system, which incorporated a 128-bit encryption algorithm, assigned access rights to groups of people rather than individuals.

April 1997 MailSecure Baltimore Technologies launched MailSecure, a product that enhanced existing e-mail packages with digital signatures and encryption for messages and attachments.

MailSecure was compatible with the emerging S/Mime standard for internet e-mail encryption and authentication and it could integrate with Baltimore’s UniCert system.

June 1997 Kerna’s firewall Kerna Communications developed a Java-based firewall as its first software product. The company, which originated in UCD’s computing services group, had previously installed and supported third party firewalls.
August 1997 General Motors deal Priority Data Systems won a deal to supply an enhanced version of its PD Secure software to General Motors offices around the world. PD Secure offered a collection of tools that controlled access to individual PCs on a corporate network.

This software rollout was part of an EDS contract to install a new selection of PC applications on 55,000 systems during the first half of 1998.

General Motors awarded the contract after Priority Data added functions like directory locking, a single sign-on for PD Secure and NetWare, and the  ability to lock a user account when successive log-ins failed.

October 1997 UniCert ships Baltimore Technologies shipped its UniCert Certification Authority system, providing a security framework for services like internet shopping, web banking and online trading.
October 1997 TrustedMime Software and Systems Engineering released TrustedMime, a secure internet mail product that complemented the company’s TrustedWeb access control system.

TrustedMime employed strong encryption to protect confidential messages, applying digital signatures to outgoing e-mail.

December 1997 Entropy’s partners Network integration specialist Entropy diversified into security applications by becoming the Irish distributor for vendors Check Point Software Technologies and Security Dynamics Technologies. Israeli developer Check Point offered firewalls for virtual private networks, while Massachusetts-based Security Dynamics supplied user authentication software.
January 1998 SecurID in ESB The ESB selected Security Dynamics Technologies’ SecurID system to restrict access to confidential information on its corporate network. SecurID controlled access rights through a combination of user authentication tokens and one-time passwords.
February 1998 PostGem authority PostGem announced plans to establish a national certification authority service for e-commerce in Ireland, built on Baltimore Technologies’ UniCert system. Brendan McMorrow was the project manager.
March 1998