Attached files
file | filename |
---|---|
EX-32.2 - EXHIBIT 32.2 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit322.htm |
EX-32.1 - EXHIBIT 32.1 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit321.htm |
EX-31.2 - EXHIBIT 31.2 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit312.htm |
EX-31.1 - EXHIBIT 31.1 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit311.htm |
EX-23.1 - EXHIBIT 23.1 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit231.htm |
EX-21.1 - EXHIBIT 21.1 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit211.htm |
EX-10.18 - EXHIBIT 10.18 - BARRACUDA NETWORKS INC | cuda-20170228xexhibit1018.htm |
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
___________________________________________________
FORM 10-K
___________________________________________________
(Mark One)
x | ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the fiscal year ended February 28, 2017
or
¨ | TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the transition period from to
Commission File Number 001-36162
___________________________________________________
BARRACUDA NETWORKS, INC.
(Exact name of registrant as specified in its charter)
___________________________________________________
Delaware | 83-0380411 | |
(State or other jurisdiction of incorporation or organization) | (I.R.S. Employer Identification Number) |
3175 S. Winchester Blvd.
Campbell, California 95008
(408) 342-5400
(Address, including zip code, and telephone number, including area code, of registrant’s principal executive offices)
___________________________________________________
Securities registered pursuant to Section 12(b) of the Act:
Title of each class | Name of each exchange on which registered | |
Common Stock, $0.001 par value | New York Stock Exchange |
Securities registered pursuant to section 12(g) of the Act:
None
___________________________________________________
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ¨ No x
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ¨ No x
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes x No ¨
Indicate by check mark whether the registrant has submitted electronically and posted on its corporate Web site, if any, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files). Yes x No ¨
Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K (§ 229.405 of this chapter) is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. ¨
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, smaller reporting company, or an emerging growth company. See the definitions of "large accelerated filer," "accelerated filer," "smaller reporting company," and "emerging growth company" in Rule 12b-2 of the Exchange Act.
Large accelerated filer | ¨ | Accelerated filer | x |
Non-accelerated filer | ¨ (Do not check if a smaller reporting company) | ||
Smaller reporting company | ¨ | ||
Emerging growth company | x |
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. x
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ¨ No x
The aggregate market value of voting stock held by non-affiliates of the registrant was $584.6 million based on the closing price of $23.20 for shares of the registrant’s common stock as reported by the New York Stock Exchange as of the last business day of the registrant’s most recently completed second fiscal quarter. Shares of common stock held by each executive officer, director and each person who owns 5% or more of the outstanding common stock have been excluded in that such persons may be deemed to be affiliates. This determination of affiliate status is not necessarily a conclusive determination for other purposes.
The number of shares outstanding of the registrant’s common stock outstanding, as of March 31, 2017, was 52,925,162.
DOCUMENTS INCORPORATED BY REFERENCE
Information required in response to Part III of Form 10-K (Items 10, 11, 12, 13 and 14) is hereby incorporated by reference to portions of the registrant’s Definitive Proxy Statement for the Annual Meeting of Stockholders to be held in 2017. The Definitive Proxy Statement will be filed by the registrant with the Securities and Exchange Commission no later than 120 days after the end of the registrant’s fiscal year ended February 28, 2017.
EMERGING GROWTH COMPANY
The registrant is an "emerging growth company" as that term is defined in the Jumpstart Our Business Startups Act of 2012 and, as such, the registrant has elected to comply with certain reduced public company reporting requirements.
TABLE OF CONTENTS
Page | ||
PART I | ||
Item 1. | ||
Item 1A. | ||
Item 1B. | ||
Item 2. | ||
Item 3. | ||
Item 4. | ||
PART II | ||
Item 5. | ||
Item 6. | ||
Item 7. | ||
Item 7A. | ||
Item 8. | ||
Item 9. | ||
Item 9A. | ||
Item 9B. | ||
PART III | ||
Item 10. | ||
Item 11. | ||
Item 12. | ||
Item 13. | ||
Item 14. | ||
PART IV | ||
Item 15. |
SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS
This Annual Report on Form 10-K contains forward-looking statements within the meaning of the Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. All statements contained in this Annual Report on Form 10-K other than statements of historical fact, including statements regarding our future results of operations and financial position, our business strategy and plans, and our objectives for future operations, are forward-looking statements. The words "believe," "may," "will," "potentially," "estimate," "continue," "anticipate," "intend," "could," "would," "project," "plan," "expect" and the negative and plural forms of these words and similar expressions are intended to identify forward-looking statements. These forward-looking statements include, but are not limited to, statements concerning the following:
• | our future financial performance, including our expectations regarding our revenue, cost of revenue, gross profit or gross margin, operating expenses, including changes in research and development, sales and marketing and general and administrative expenses, and our ability to achieve and maintain future profitability; |
• | our business plan and our ability to effectively manage our growth and associated investments; |
• | anticipated trends, growth rates and challenges in our business and in the markets in which we operate; |
• | market acceptance of recently introduced security and data protection solutions; |
• | beliefs about and objectives for future operations; |
• | our ability to increase sales of our solutions and renewals of our subscriptions; |
• | our ability to attract and retain customers; |
• | our ability to cross-sell to our existing customers; |
• | maintaining and expanding our customer base and our relationships with our channel partners; |
• | our ability to timely and effectively scale and adapt our existing solutions; |
• | our ability to develop new solutions and bring them to market in a timely manner; |
• | our ability to maintain, protect and enhance our brand and intellectual property; |
• | our ability to continue to expand internationally; |
• | the effects of increased competition in our markets and our ability to compete effectively; |
• | sufficiency of cash to meet cash needs for at least the next 12 months; |
• | future acquisitions or investments; |
• | our ability to stay in compliance with laws and regulations that currently apply or become applicable to our business both in the United States and internationally; |
• | economic and industry trends or trend analysis; |
• | the attraction and retention of qualified employees and key personnel; |
• | the estimates and estimate methodologies used in preparing our consolidated financial statements; |
• | the impact of our stock repurchase program; and |
• | the future trading prices of our common stock. |
We have based these forward-looking statements largely on our current expectations and projections about future events and trends that we believe may affect our financial condition, results of operations, business strategy, short-term and long-term business operations and objectives and financial needs; however, these forward-looking statements are subject to a number of risks, uncertainties and assumptions, including those described in Part I, Item 1A. "Risk Factors" in this Annual Report on Form 10-K. Moreover, we operate in a very competitive and rapidly changing environment and new risks emerge from time to time. It is not possible for us to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties and assumptions, the future events and trends discussed in this Annual Report on Form 10-K may not occur and actual results could differ materially and adversely from those anticipated or implied in the forward-looking statements.
1
We undertake no obligation to revise or publicly release the results of any revision to these forward-looking statements, except as required by law. Given these risks and uncertainties, readers are cautioned not to place undue reliance on such forward-looking statements. You should read this Annual Report on Form 10-K and the documents that we reference in this Annual Report on Form 10-K and have filed with the SEC as exhibits to this Annual Report on Form 10-K with the understanding that our actual future results, levels of activity, performance and events and circumstances may be materially different from what we expect.
Unless expressly indicated or the context requires otherwise, the terms "Barracuda," "company," "we," "us," and "our" in this document refer to Barracuda Networks, Inc., a Delaware corporation, and, where appropriate, its wholly owned subsidiaries. The term "Barracuda" may also refer to our products, regardless of the manner in which they are accessed.
2
PART I
Item 1. Business
Overview
Barracuda designs and delivers powerful yet easy-to-use security and data protection solutions. We offer cloud-enabled solutions that empower customers to address security threats, improve network performance and protect and store their data. Our security platform helps customers simplify their IT operations and address their most pressing security needs even as they adopt new deployment models and move applications, data and workloads to the cloud. Our business model is built on the core values of speed and agility, which we apply to all aspects of our approach, including our technology innovations, the delivery and deployment of our solutions and responses to customer inquiries. Since inception, our solutions have been trusted by more than 150,000 organizations worldwide.
Our platform incorporates subscription-based security and data protection solutions that are connected to our cloud services, which enable continuous software updates, offsite redundancy and distributed capacity. Our solutions are delivered as cloud-enabled appliances and virtual appliances, as well as public cloud and Software-as-a-Service-("SaaS")-based solutions. Our solutions are designed to fortify the security fabric across public, private and hybrid cloud deployments and they can be centrally managed from a single pane of glass. Our security solutions are designed to protect and optimize the performance of the most critical points within our customers’ IT infrastructures, including Microsoft Office 365 ("Office 365") environments, email servers, web applications, data centers and core networks. Our data protection solutions are designed to backup and archive business-critical data and make such data accessible for purposes such as compliance, disaster recovery and business intelligence. Our data protection solutions also allow users to securely and quickly access and sign files from Internet-connected devices. Our solutions can be managed centrally in any size or type of deployment through integrated, easy-to-use web interfaces that support configuration, monitoring and reporting.
We design our solutions specifically for IT professionals in environments subject to time, staff and resource constraints. These IT professionals seek to benefit from current and emerging trends in information technology such as the rapid growth in cloud computing, adoption of virtualization, proliferation of mobile devices and the associated explosion of data. Our customers work in all types of organizations, from small- and mid-market businesses, governments and educational institutions, to departments or divisions within Fortune 2000 enterprises.
We nurture a culture that delivers value through simplicity to optimize our customers’ experiences. From the design of our solutions to our sales processes, customer support, manufacturing and delivery, we strive to make our solutions easy to purchase, install, maintain and update. We believe that Barracuda has become a highly visible and recognizable brand as a trusted IT partner. We design our solutions to be easy to use and to deploy without the need for special expertise or external support from IT specialists. Our platform includes powerful capabilities that can be optimized to meet the requirements of resource-constrained environments. For most of our solutions, we employ a high-velocity sales model that incorporates a 30-day right to return, real-time order fulfillment and a simple, low-cost entry point to make our customers’ purchase decisions and deployments seamless, easy and efficient. Through our recurring subscription services, we provide our customers with up-to-date features, functionality and real-time security protection, eliminating the need for costly upgrades or additional software purchases. We answer our phones live 24x7x365 and endeavor to treat every customer call with the same high priority. Central to our culture is a focus on the long-term customer experience, including an ongoing dialogue with our customers to enhance our features and solutions. Our development and fulfillment processes rapidly deliver new services and functionality to our customers, enabling them to improve their time to value and return on technology investment through the low total cost of ownership, easy integration and accelerated deployment of our security and data protection solutions.
Industry Background
Modern IT Trends Offer Attractive Benefits to All Organizations
Organizations are looking to take advantage of important technology trends, particularly the rapid growth of cloud computing, including platforms such as Amazon Web Services ("AWS"), Google Cloud Platform ("GCP"), Microsoft Azure ("Azure") or Office 365; proliferation of mobile devices; widespread use of web applications like Facebook, LinkedIn, Twitter and YouTube; and increased adoption of virtualization and software defined networking. These advanced technology trends can be exploited by organizations to gain significant competitive advantages and to support core business operations, enable dramatic efficiency gains and open new go-to-market channels and revenue opportunities.
3
The Confluence of IT Trends Creates a Set of Obstacles that IT Professionals Must Address
IT trends are significantly changing the way that IT infrastructures are designed, deployed and secured, creating a complex and rapidly evolving set of challenges that need to be addressed by IT professionals. This complexity influences the way organizations design and deploy their networks and applications, including leveraging public cloud, SaaS and managed services solutions.
• | Escalating Security Threat Environment. Organizations face increasingly sophisticated and targeted security threats from a variety of attackers, including state-sponsored, profit-motivated, automated and internal attackers. These attacks can result in organizational disruption, as well as the theft of sensitive information such as credit card information, and can cause financial and reputational damage. These threats are exacerbated further as customers migrate their applications to public and private clouds. Organizations of all sizes are being forced to reexamine their security risks and technology investments as threats evolve and increase in number, complexity, variety and severity. |
• | Productivity and Security Challenges Posed by Cloud Services and Web Applications. Organizations can benefit greatly from popular web applications, which enable new channels to communicate and collaborate with customers and business partners, as well as a means to market their products and recruit employees. While many of these applications can benefit the business, they can introduce significant security vulnerabilities as well as inappropriate and unproductive activities in the workplace. Organizations need to safely enable the use of these applications, such that only the right individuals are using the right set of applications for their business functions. |
• | Explosion of Data and Increased Storage Consumption. Organizations and employees are increasingly dependent on the availability of information. As a result, organizations cannot afford to lose access to business-critical data and need a cost effective and scalable way to ensure that their data is being stored safely and can be recovered rapidly. |
• | Constrained IT Budgets. Macroeconomic conditions have kept IT budgets under significant pressure, and despite recent innovations in the industry, security and data protection infrastructures increasingly require greater investments to implement, run and manage. As a result, there is a need for security and data protection environments to become vastly more efficient. Further, many small- and mid-sized organizations are turning to managed service providers to implement these technology solutions on a "pay-as-you-go" basis with minimal upfront costs. |
Organizations Need a New Approach to IT in Resource-Constrained Environments
Rapidly changing dynamics in today’s IT landscape are forcing organizations of all sizes to evolve their IT strategies. Fortune 500 companies are better positioned to address these challenges as they typically have core IT departments that can comprise a significant number of highly skilled and specialized computer scientists and engineers, as well as IT budgets that can be in the billions of dollars. We believe that there are millions of underserved organizations without these resources. These organizations include small- and mid-market businesses, governments, educational institutions and departments or divisions within Fortune 2000 enterprises. IT professionals within these organizations seek powerful yet easy-to-use solutions to address the challenges posed by these trends.
We believe most traditional software and hardware vendors have designed their products and business operations to cater primarily to larger companies. These solutions typically fail to meet the needs of more resource-constrained organizations in several key ways:
• | Complex to Deploy and Use. Traditional IT solutions often are difficult to install, require significant configuration and necessitate specialized services and technical support to get the systems up and running. These solutions often take months to implement and require highly trained IT staff to manage and maintain. Moreover, traditional IT solutions often provide a wide variety of features that meet the specific needs of the largest, most sophisticated customers but are of little-to-no use to the vast majority of customers. |
• | Marketing Optimized for Large Organizations. Traditional IT solution vendors tend to focus marketing efforts primarily on high-touch, senior level interactions with a smaller number of large customers. As a result, IT professionals within resource-constrained organizations are frequently challenged to work effectively with these vendors to discern the products they require to solve their problems. |
• | Lengthy, High-Touch Sales Cycle. Because of the complexity and expense related to the purchase of traditional IT solutions, traditional vendors usually use high-touch direct sales models, typically to larger customers, in order to sell their products. As a result, the complexity of traditional IT solutions and the requirement for customers to tailor traditional IT solutions to their needs lead to longer sales cycles, prolonging the period of time before customers can solve their problems. These sales-related expenses typically are passed on to their customers through product prices. |
4
• | Lengthy Manufacturing and Fulfillment. Solutions from traditional IT vendors often have long delivery and installation times. In addition, vendors periodically experience delivery delays due to the inability of their supply chain to meet quality and delivery requirements consistently. The risk of these delays can be greater where custom or semi-custom components and configurations are involved. Due to their size, traditional IT solution vendors also need to manage a high degree of operational complexity and spend a significant amount of effort rationalizing these processes to improve their profitability, manage inventory and better match demand and supply. These factors result in additional costs, which traditional vendors may pass on to their customers through product prices. |
• | Unsatisfactory Customer Support. Traditional IT solution vendors often rely heavily on self-service telephone support and outsourced customer support located in remote geographies. This approach can lead to an unsatisfactory and frustrating customer support experience and lengthy time to resolution. |
Our Business Model
Since our founding, we have designed our solutions, established our culture and built our core business model to cater specifically to the needs of IT professionals in environments subject to time, staff and resource constraints. Our security platform helps customers simplify their IT operations and address their most pressing security needs even as they adopt new deployment models and move applications, data and workloads to the cloud. Our security and data protection solutions are delivered in the form of cloud-enabled appliances and virtual appliances, as well as public cloud and SaaS-based solutions, and enable our customers to address security threats, improve the performance of their networks and protect and store their data. Our business model is built on the core values of speed and agility, which we apply to all aspects of our approach, including our technology innovations, delivery and deployment of our solutions and responses to customer inquiries. We maintain control of the value chain across our solutions, marketing efforts, sales processes, manufacturing, delivery and customer support. This integrated model enables us to tailor the customer experience to deliver powerful yet easy-to-use security and data protection solutions and high-value, recurring subscriptions to IT professionals in the way that works best for their organizations.
Key elements of our business model include:
• | Powerful, Easy-to-Use Cloud-Enabled Solutions. Our security platform integrates solutions that are purpose-built to be easy to use and to deploy without the need for special expertise or external support from IT specialists. Our solutions provide robust functionality to address the most common IT challenges. We believe that whether a solution is an entry-level or company-wide deployment, it should provide powerful functionality and be easy to use. We have a continuous feedback loop with our customers, which gives us better insight into their needs and enables us to develop solutions that address our customers’ most important needs. |
• | Trusted Brand and Innovative Marketing. We believe partners and customers alike have come to rely on Barracuda as a trusted IT partner. We invest in brand development efforts to help solidify our position as a go-to provider of powerful yet easy-to-use security and data protection solutions. The principal focus of our marketing programs is to reach IT professionals within resource-constrained organizations and elevate their awareness of our portfolio of security and data protection solutions. Because of our strong investment in brand and differentiated ways to reach the customer at key decision points, we believe we have developed strong brand awareness. |
• | High-Velocity Sales. With our global partner network of more than 6,500 distributors, managed service providers and resellers, we offer straightforward, competitive pricing, making our solutions easier to purchase. Our inside sales force uses a disciplined approach to quickly and efficiently convert leads into paying customers. Our solutions and sales specialists work closely with our partners and IT professionals to answer questions and help match customer needs with Barracuda solutions. Customers can typically receive our solutions and deploy them within 24 hours. |
• | Efficient Manufacturing and Fulfillment. We manage our operations through customized, streamlined processes, using our backend logistics software system that enables efficient manufacturing and physical and digital distribution of our solutions. We develop, manufacture and fulfill our solutions primarily from our Silicon Valley locations. This approach gives us the speed and agility to facilitate quick and precise responses to customer needs. |
• | High-Value, Recurring Subscriptions. Our recurring subscription services provide our customers with up-to-date features, functionality and real-time security protection, as well as eliminate the need for future "forklift" system upgrades or additional software purchases. Our Barracuda Energize Updates subscriptions provide customers the benefits of new software capabilities we release, and hardware customers with continuous Instant Replacement subscriptions receive new physical appliances as part of their subscription every four years. We believe this investment protection is an important differentiator in how we deliver value to our customers. |
• | Proactive, Live, "Insourced" Customer Support. We provide our customers with high-quality, proactive customer support, including remote support, preventative diagnostics and a direct line to Barracuda support technicians |
5
available 24x7x365—with no phone trees—to answer customer calls and quickly and efficiently respond to their needs. Our support employees are strategically located close to our customers in geographies across the world. Our support also provides an important feedback loop, which enables us to continuously improve our solutions to better meet our customers’ needs.
Our security platform was designed with the midmarket in mind, offering flexible deployment options of cloud-enabled appliances and virtual appliances, as well as cloud-only solutions, that align with, and take advantage of, the benefits of each form factor. We believe that this alignment increases the overall value for our customers through more integrated solutions, and for our business through lower infrastructure and materials costs. Our high-velocity sales model provides customers with faster access to our solutions and benefits our business by enabling us to improve our return on investment in sales and marketing. Our efficient manufacturing and fulfillment enables fast delivery of our solutions to customers and benefits our business through our ability to maintain low inventory levels and minimal overhead expenses. Our customer support strives to quickly resolve customer issues and, we believe, the quality of our customer support results in higher renewal rates and new cross-sell opportunities for us. Our subscription model provides our customers with continuous and transparent access to the latest functionality enhancements and a highly visible, recurring revenue stream for our business.
Our Competitive Strengths
We believe we have many competitive advantages that will enable us to maintain and extend our leadership position including:
• | Vertically-Integrated Approach. With our vertically-integrated approach, we control the value chain across our solutions, including product design and functionality, marketing efforts, sales processes, manufacturing, delivery and customer support. This approach enables us to tailor the customer experience to deliver powerful yet easy-to-use security and data protection solutions aligned with our customers' IT environments. |
• | Hybrid, Cloud-Enabled Solution Design. Our hybrid solutions consist of cloud-enabled appliances and virtual appliances, as well as public cloud and SaaS-based solutions, that deliver security and data protection capabilities for our customers. By offering a portfolio of solutions and multiple deployment options, we are able to engineer functionality efficiently to align with, and take advantage of, the benefits of each form factor, thereby increasing overall value for our customers. |
• | Large, Engaged Customer Base. We have gained a strong foothold in our markets and, since inception, our solutions have been trusted by more than 150,000 organizations worldwide. Our broad customer base and solution portfolio provide us with a platform from which we can cross-sell solutions to our existing customers. We strive to maintain close contact with our customers so that we can tailor our solutions enhancements to better meet our customers’ needs and fuel our innovation cycle based on their feedback. |
• | Leadership and Dedicated Focus. Since our founding, we have focused on identifying common pain points and designing differentiated solutions to simplify complex IT problems for resource-constrained organizations. We have demonstrated our ability to execute our innovative business model successfully across multiple markets, including email security, network and application security, public cloud security, web security, archiving and data protection. |
• | Innovative Technology and Intellectual Property. We continue to invest in research and development to ensure our security platform incorporates powerful and innovative technology that is easy to use. Our cloud micro-services include a number of advanced services designed to thwart the most insidious attacks, across multiple threat vectors, and can be leveraged across multiple Barracuda product lines. We also operate Barracuda Central, our security intelligence center, to monitor and block the latest Internet threats. |
• | Strong Brand. We have built our brand with IT professionals in mind and our brand is at the core of our business model. We believe Barracuda is widely recognized as a trusted IT partner who combines leading technology solutions with highly responsive customer service, in order to make IT simple, secure and affordable for our customers. |
Our Strategy
The foundation of our business strategy has not changed since our founding, which is to make IT simple, secure and affordable for our customers. We continue to evolve our strategy by calibrating our product portfolio and investments with the fastest growing trends in our markets, optimize our routes to market and align our sales and operational resources to these opportunities, and focus on driving profitability in order to grow our bottom-line.
Key elements of our growth strategy include:
6
• | Increase Sales to New Customers. We believe there is a significant opportunity for us to simplify the complex security and data protection challenges for businesses that have resource-constrained IT environments. We plan to continue to engage with IT professionals through our differentiated business model in order to expand our customer base. We will continue to invest in our brand and marketing efforts to introduce new customers to our security platform that includes a broad portfolio of security and data protection solutions. |
• | Increase Our Solution and Deployment Footprint within Our Existing Customer Base. We believe that many customers would prefer to purchase IT solutions from fewer vendors. In addition to our initial solution sales to customers, our customers often come back to us when they need to expand into other IT solutions. We believe this cycle produces increased lifetime value in a customer. We plan to pursue cross-sell opportunities with our diverse, worldwide customer base, especially as they look to consolidate IT suppliers to reduce overall IT spending. |
• | Apply Our Business Model to New Technologies and Markets. We intend to focus on developing and acquiring technologies that fit within our business model and can address the needs of IT professionals. When we consider developing or acquiring a new technology, we evaluate each opportunity in a disciplined fashion to evaluate if the new technology can help us develop new solutions which can be optimized for IT professionals, produced simply, deployed easily and offered as a service. |
• | Expand and Optimize Our Worldwide Channel and Partner Network. We believe our worldwide channel and partner networks provide us with significant operating leverage. We currently have more than 6,500 distributors, managed service providers and resellers across the globe. We intend to continue driving operating leverage by expanding our partner network, especially in the managed service provider channel where customers seek to access and deploy technologies with minimal upfront costs, and in international regions where we can benefit from the local expertise of our partners. |
Our Solution Portfolio
Our solution portfolio includes cloud-enabled appliances and virtual appliances, public cloud solutions and SaaS-based solutions. Our appliances are pre-installed with our proprietary software, while our virtual appliances provide the same features in a software-only offering. Our SaaS solutions enable customers to provide comprehensive security and data protection without requiring additional on-premises infrastructure. Our on-premises and public cloud solutions leverage our cloud micro-services to deliver hybrid cloud-enabled solutions to our customers. These hybrid solutions enable us to optimize usage of on-premises hardware required while simultaneously leveraging the scalability of the cloud.
Security
Our security offerings help protect our customers against threats that propagate over the Internet. They also help ensure that business applications, and the networks they run on, are performing with optimal efficiency and reliability.
Email Security. Barracuda Essentials for Email Security (formerly Barracuda Email Security Service) offers comprehensive, scalable and affordable multi-layer cloud-based protection against email-based attacks, data loss and business disruption. Barracuda Essentials combines three of Barracuda’s innovative cloud technology solutions — email security, archiving and backup. Barracuda Email Threat Scan / Barracuda Email Threat Scanner is a cloud-based service that examines Office 365 mailboxes using machine learning and advanced threat protection techniques, including a full system emulated sandbox to identify latent threats, to provide administrators with an in-depth view of their risk profile.
The Barracuda Email Security Gateway (formerly Barracuda Spam Firewall) manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks. It includes spam and virus blocking, anti-phishing, fraud detection, Advanced Threat Protection, denial-of-service prevention, email continuity, encryption and policy management features. Barracuda Email Security Gateway customers can route their email through the Barracuda cloud performing advanced malware detection and pre-filtering to keep threats off their premises, reduce incoming connections to their network and spool mail in the event their sites become unavailable.
Next-Generation Firewall. Barracuda NextGen Firewalls are cloud-ready and purpose-built solutions for the modern, distributed, cloud-connected network, to secure the network and intelligently prioritize and optimize traffic flows in order to improve network performance and availability. Our next-generation firewall solutions offer application visibility and add user-identity awareness to safely enable access policies for specific users and user groups. They are designed for IT administrators seeking to enhance control of networks that include a combination of local servers, remote devices, cloud-hosted applications, such as Salesforce and Office 365, and public cloud payloads in AWS, Azure and GCP.
7
Application Security. The Barracuda Web Application Firewall provides comprehensive, reverse-proxy-based protection for applications deployed in physical, virtual or public cloud environments, and protects web applications and websites from data breaches and downtime by intercepting sophisticated application-layer attacks, such as SQL Injection, cross-site scripting, session hijacking and application-layer distributed denial of service ("DDoS"). The Barracuda Web Application Firewall incorporates Advanced Threat Protection, and is designed to proxy all incoming web traffic to block attacks and insulate the web servers. The Barracuda Vulnerability Remediation Service is a cloud-based web application vulnerability scanner that pinpoints vulnerabilities in web applications and websites and offers one-click remediation.
Web Security. The Barracuda Web Security Gateway (formerly Barracuda Web Filter) integrates several technologies, including Advanced Threat Protection, for setting and enforcing granular web filtering policies to protect users from rapidly evolving web-based threats and to increase productivity and optimize bandwidth. The Barracuda Web Security Gateway blocks user access to known malicious websites, scans web downloads for malware, enables granular enforcement based on existing user and group authentication and provides comprehensive web usage visibility through intuitive dashboards. The cloud-based Barracuda Web Security Service is designed to deliver web security and policy enforcement in highly distributed network environments.
Application Delivery Controllers. The Barracuda Load Balancer ADC is an integrated platform that distributes network traffic across multiple servers using advanced Layer 4 and Layer 7 load balancing techniques or even across multiple data centers using global server load balancing, content caching, data compression and connection pooling to offload computing functions from backend servers and improve application response time. Advanced features for application optimization and integrated security are designed to protect customers from malicious data, application-layer attacks and DDoS attacks before they reach internal servers.
Data Protection
Our data protection solutions provide a portfolio of solutions for on-premises and cloud-based archiving and backup.
Backup. Barracuda Backup is an end-to-end solution for protecting physical, virtual and SaaS-based environments. Barracuda Backup enables secure offsite replication to other Barracuda Backup appliances and to the Barracuda storage cloud. Barracuda Backup uses advanced deduplication technology to reduce the amount of backup data stored. Our LiveBoot and Cloud LiveBoot technology enables quick disaster recovery for virtual servers by running them directly from the backup appliance or the Barracuda cloud, without the overhead associated with restoring backup images to their original format.
Archiving. Barracuda Cloud Archiving provides cloud-based archiving. The service is designed for organizations using on-premises Microsoft Exchange, Office 365 or hybrid combinations, and helps ensure email is stored securely in a separate repository for as long as needed without risk of tampering or deletion. The Barracuda Message Archiver is available as a physical or virtual appliance on-premises and reduces archive sizes by eliminating duplicate messages, storing only one instance of each message attachment and then compressing the stored data.
Technology Architecture
Our technology architecture for both our security and data protection solutions consists of several common foundational components. We utilize a common architecture so that improvements of those components benefit our solutions, reducing development time.
Key common foundational components of our architecture include:
Common Core and Secure Platform
We use a proprietary operating system, built on the Linux open source kernel, which provides security and stability to protect the solutions that secure customer networks. The secure platform also provides foundational services that may include:
• | web and application servers that enable our user interface and application programming interfaces; |
• | infrastructure interoperability services, such as Kerberos and Active Directory; |
• | hardware abstraction layers that allow our solutions to scale from entry-level to high-capacity systems and to rapidly respond to changes in supply chain availability; |
• | auto-provisioned database systems that support many of the management features and applications; and |
8
• | common logging, notification and reporting services. |
Continuous Updates and Real-Time Protection
Our security and data protection applications are built to provide ongoing value as the technology and security landscapes evolve. Through continuous updates via Barracuda Energize Updates, our solutions are able to continuously receive up-to-date databases and agents including:
• | information that allows us to identify spam, viruses, spyware and other Layer 7 attacks by several means, including the content, behavior and source of the data; |
• | web category and application databases; |
• | information about the latest document types to properly identify text/content for indexing and searching; |
• | detailed formats of social media web requests that allow us to provide data loss prevention and archival services; |
• | backup agents for the latest versions of the newest desktop and server software; and |
• | policy definitions for enforcement of content policies, including social security number and credit card patterns. |
Shared Software Components
Many of our solutions share our proprietary software modules that are core to our business. This approach enables us to benefit from significant time and cost savings from rapid integration of our library of shared software components. For example, our antivirus technology is integrated into many solutions we have developed or acquired. Other examples include:
• | powerful and versatile proxy servers for web (HTTP forward and reverse), email (SMTP) and domain name services; |
• | high performance packet processing and flow tracking that allows identification of users and applications for security policy, prioritization and adaptive routing; |
• | content indexing and search capabilities; and |
• | agents for endpoints such as desktops, servers and mobile devices. |
Shared Cloud Services
By creating our own cloud micro-services, we are able to deliver the benefits of a cloud delivery model while maintaining a small footprint in our customers’ networks. Our appliances and virtual appliances communicate with our cloud micro-services so that we can deliver new service offerings, solutions and features, such as Advanced Threat Protection, Cloud Protection Layer, cloud web categorization and deduplicated file storage, without significantly increasing the requirements of the infrastructure installed in a customer’s network. This allows us to continue delivering features in a constantly evolving environment without the potential customer satisfaction issues that arise with frequent hardware updates.
Common Management Layer
We have invested significant resources into developing an architecture that allows for centralized solution management. Our solutions are designed with common user interfaces and provide central control across different solutions. They also enable control over highly distributed networks across multiple locations, devices and geographies by relying on a cloud service where security functionality is distributed but centralized control is desired. This capability enables administrators to control and enforce policies once and apply them across multiple distributed locations. The management layer allows a global view of many devices so that they can have the latest firmware, definitions and security policies.
Where appropriate, we employ a multi-tenant architecture that allows us to serve multiple customers while securely segregating their data. The platform includes intelligent route-optimization technology that dynamically routes customer traffic quickly and effectively.
Our core management technologies also include:
• | high availability and clustering software that allows a group of systems to be managed through a single configuration interface and allows the remaining systems to continue processing for any system that might become unavailable or fail; |
9
• | support tools that allows for rapid access and troubleshooting tools; and |
• | an update infrastructure for delivering new versions of our firmware, as well as the definitions and databases to ensure that the systems are up to date. |
Barracuda Central
Barracuda Central is our centralized and automated security intelligence center that enables continuous threat detection and monitoring. Data collected and aggregated at Barracuda Central is analyzed and used to create definitions for continuous automatic Barracuda Energize Updates for our solutions. Barracuda Central is comprised of four primary layers.
Internal and External Data Feeds
We receive data from four primary sources:
• | The Barracuda global data feed receives metadata for messages and web requests that pass through our networks from the appliances deployed in our subscribers’ networks. |
• | Barracuda Labs analyzes new threats and develops innovative security approaches. The team is focused on emerging threats such as social network, cloud, mobile and web-based exploits and other forms of modern malware attacks and develops advanced detection and protection techniques. |
• | Subscribers, their end-users and users of our free reputation services submit feedback on categorization, false-negatives and false-positives through various means. These means include email, web forms, user interfaces on our appliances/services and agents such as email add-ins. |
• | Via third-party and community data sharing, we are able to augment our accuracy while simultaneously giving back to the community. |
Automated and Manual Analysis
Through many automated and manual processes, the incoming data is analyzed and used to generate new threat definitions and new algorithms to continuously increase the effectiveness of our solutions.
• | Our security engineering team develops algorithms and mitigation techniques that are integrated into our cloud micro-services in order to increase effectiveness. We also develop corresponding algorithms and mitigation techniques that are delivered to our appliances or cloud services for local processing. |
• | With our cloud micro-services, we are able to process data feeds and automatically identify the vast majority of threats. As these threats are identified, they are added to the appropriate databases for delivery via our Barracuda Energize Updates subscriptions. |
• | Our security operations team monitors data feeds and tunes the algorithms in the Barracuda compute cloud. Our security operations team also works with our security engineering team to identify new algorithms that allow more threats to be automatically identified. |
Continuous Updates and Real-time Protection
• | Once threats are identified and definitions are created, the definitions are delivered securely to the appliances, virtual appliances and cloud services via our Barracuda Energize Updates subscriptions. Some of these definitions are updated many times over every hour and allow for fast local processing and offline operation. |
• | To reduce latency, size and performance impact of delivered definitions, we leverage our cloud micro-services, which consist of a set of protocols and services that allow our solutions to have access to up-to-the-second threat protection. |
Deployed Appliances, Virtual Appliances and Cloud Services
Our appliances, virtual appliances and cloud services use the data produced by Barracuda Central to block the latest threats. These systems automatically provide feedback and metadata back into the Barracuda Central data feeds enabling continued improvements to accuracy and performance.
Our Customers
10
We target customers across a wide range of industries, including education, government, financial services, healthcare, professional services, telecommunications, retail and manufacturing. Our revenue is diversified across our entire customer base with one distribution partner accounting for 25%, 22% and 20% of total revenue in fiscal 2017, 2016 and 2015, respectively. Sales to this distributor are subject to an agreement between the parties which provides for an initial term of one year, with automatic one year renewal terms and permits termination by either party with 90 days written notice prior to the termination date, restricts its sales to the United States and Canada and provides for net payment to us within 30 days of the date from the date of invoice. In addition, the agreement may terminate (i) at any time upon the mutual written agreement of the distributor and us, (ii) upon written notice, subject to applicable cure periods, if the other party has materially breached its obligations under the agreement or (iii) by either party upon the other party seeking an order for relief under the bankruptcy laws of the United States or similar laws of any other jurisdiction, a composition with or assignment for the benefit of creditors, or dissolution or liquidation.
For fiscal 2017, 2016 and 2015, we generated 29%, 31% and 32% of our total revenue, respectively, from customers located outside of the United States. Other financial information about our segment and geographic areas is incorporated herein by reference to Note 7 of the Notes to Consolidated Financial Statements included in Part II, Item 8 of this Annual Report on Form 10-K.
Sales and Marketing
Our sales and marketing approach is designed to be efficient for high volumes of transactions. Our marketing efforts focus on driving traffic to our websites and on generating high-quality sales leads. Our sales efforts focus on converting these leads into paying customers through a high volume, short duration sales process.
Sales
We sell our appliances, services and software to our customers using sales personnel and our global network of more than 6,500 distribution partners, managed service providers and resellers in more than 100 countries. Our inside sales force is devoted to turning highly qualified leads into purchasers of our solutions. The majority of our leads come from potential customers who have requested an evaluation of our solutions or from our existing customer base. As a result, our inside sales force typically calls potential buyers who already understand the value of our solutions and do not require a lengthy sales cycle. Our sales reach is augmented by our distributors, managed service providers and resellers to efficiently interact with our customer base for initial deployment and cross-selling additional solutions.
The Barracuda Networks Reseller Program (Barracuda Partner Program) is a global network of resellers offering our solutions, service and support to our customers. We believe that our solutions and innovative marketing, lead generation and training programs provide a significant opportunity for high-quality reseller and distributor partners. Our channel network leverages our channel partners’ industry, product and geographic knowledge and their customer reach to expand our customer base. Our relationships with our partners are generally governed by our standard, non-exclusive and non-transferable reseller agreement, which provides for the appointment of the channel partner in a specified territory and net payment to us from the channel partner within 30 days of the date from the date of invoice. Additionally, either party may terminate the agreement without cause upon 30 days prior written notice or immediately by giving notice to the other party if the other party is in breach of a material provision in the reseller agreement and fails to rectify such breach within 30 days of receiving such notice.
In October 2015, we further expanded our reach into the managed service provider market through the acquisition of Intronis. Many small- and mid-sized organizations are turning to managed service providers to implement various technology solutions on a fixed monthly or annual fee or a "pay-as-you-go" basis with minimal upfront costs. Further, these managed service providers procure solutions differently than traditional resellers and have different requirements around integrations, billing, self-branding and more. The Intronis platform is designed to meet the needs of these managed service providers, and we believe it can continue to be expanded to include additional Barracuda solutions. Since the Intronis acquisition, we have made Barracuda Essentials for Office 365, Barracuda Backup and Barracuda NextGen Firewall available via Intronis for our managed service provider partners.
We implement our approach through a disciplined sales process that provides clear guidelines for our sales force, and we actively measure and manage our sales results. We offer our solutions using standardized contract terms and we enable our customers to buy our solutions in a manner convenient to them.
Marketing
11
We use a variety of online marketing programs for lead generation, as well as more traditional direct marketing and indirect channel partner marketing programs to drive interest in our solutions. These efforts leverage the high level of use of Internet search engines through search engine marketing and optimization programs. Once we drive traffic to our websites, we have well-defined processes that allow us to automatically track visitors’ activities on our website, communicate with potential customers, encourage evaluations of our solutions and generate highly qualified leads to our sales organization.
Our marketing approach focuses on creating brand awareness, allowing us to build and maintain, through relevant web-based content and online communications, a substantial customer base and community, many of whom act as advocates for Barracuda. We employ an innovative approach to traditional visual marketing through the use of signs and billboards in key locations such as airports where our target customers often travel. We also enhance brand recognition and marketing through the use of vehicles wrapped with highly-visible branding.
In addition, we attend industry trade shows and conferences, regularly communicate with industry analysts and solicit their feedback on our solutions and strategies and host webinars on current issues to create awareness of our brand and solutions.
Our Go-to-Market Strategy. We have successfully grown our business by using a go-to-market strategy that includes the following:
• | Low-Touch Sales Model. Our marketing efforts drive customers to fill out online forms in which they provide information about their business and specific IT needs. Our inside sales force is responsible for following up on these qualified leads from our partners and our website and working to turn potential customer interest into opportunities that our channel partners can fulfill. For example, based on the information a customer completes on one of our online forms, our inside sales force may call the customer and walk them through an online demo and connect them to a channel partner. In larger transactions, our field sales team may become involved in a transaction to help a channel partner close an opportunity. |
• | Global Partner Network. We leverage our channel network to augment our inside sales force, giving us access to a broader potential customer base than we would be able to access on our own. We believe this greatly expands our distribution leverage as many times our customers order through our partner network without the involvement of our sales team. |
• | 30-Day Right to Return. For the majority of our solutions, new sales include a 30-day right to return. The risk-free nature of the transaction allows our customers to more quickly adopt Barracuda solutions and realize the value. |
• | Renewals and Cross-Selling. As our existing customers grow, we may have opportunities to sell more advanced versions of our solutions as well as cross-sell adjacent solutions. We have a dedicated sales team that focuses exclusively on renewals. We employ training and marketing programs to assist our sales force and channel partners to better sell into our sizable customer base. Because of our robust solution portfolio, an existing customer provides us with multiple additional sales points as they look to consolidate suppliers while expanding their IT systems. |
Customer Support
Barracuda Technical Support. Customer support is an essential element of our business model and we are focused on the impact of support on our customers’ experience. Our award-winning customer support includes multiple support options. All calls are answered and managed by trained Barracuda support agents 24x7x365. Moreover, we do not use phone trees and every call is answered live. We also offer multilingual support.
We hire our customer support agents based on their customer service experience and orientation and then provide supplemental in-house training to help them build their knowledge base and skill set. Our agents are categorized in tiers based on their skills. Tier 1 agents handle initial setup, basic support and troubleshooting. Tier 2 agents address detailed troubleshooting, analysis and support. Tier 3 agents address advanced issues, backend analysis and support. Finally, engineering support is available for any unresolved issues escalated appropriately. Agents of varying skill level sit together in groups in order to best serve our customers as well as foster a collaborative environment in which our agents can learn and grow their skills.
We offer self-service support in the form of our online knowledge base, community forum and documentation portal. We also offer an online community forum, which offers information, updates and peer support. We also offer Barracuda Campus to our customers, where they can access in-person and online trainings, technical documentation and whitepapers.
12
Support Subscriptions. We provide a number of support subscriptions with our portfolio of solutions.
Barracuda Energize Updates. The required Barracuda Energize Updates subscription and virtual appliance subscriptions provide our customers with access to Barracuda Technical Support.
Instant Replacement. Instant Replacement provides replacement hardware with next business day shipping. Along with providing priority replacements in case of equipment failure, the Instant Replacement subscription also provides ongoing migration to the latest hardware platforms through the Barracuda Hardware Refresh Program, enabling customers to receive a new hardware unit every four years at no additional cost.
Premium Support. Barracuda Premium Support provides for a dedicated account manager and a team of technical engineers to provide fast resolution of high-priority support issues, helping to ensure continuous uptime in mission-critical environments.
Manufacturing
We manufacture our appliances at our manufacturing facilities in Silicon Valley. By managing manufacturing locally and maintaining a highly flexible workforce, we are able to easily scale our manufacturing operations and react rapidly to customer needs. This enables us to support efficient, flexible, "just-in-time" manufacturing and key features of our business model such as real-time order fulfillment and our Instant Replacement program. Although we currently depend on a single source or a limited number of sources for certain components used in the manufacture of our appliances and are therefore subject to the risk of shortages in supply of these components, to date we have not experienced a significant delay in shipments. We generally use commodity hardware in our appliances, which is readily available from multiple sources, and we do not have any long-term supply agreements. Sourcing our materials from multiple suppliers enables us to fill orders with short lead-time and lower manufacturing costs.
Backlog
Appliances are shipped and billed shortly after receipt of an order. We do not believe that our appliance backlog at any particular time is meaningful because it is not necessarily indicative of future revenue in any given period as we offer our customers a 30-day right of return for the majority of our solutions. Additionally, the majority of our appliance revenue comes from orders that are received and shipped in the same quarter. Orders for subscriptions are billed shortly after receipt of an order and are included in deferred revenue. Timing of revenue recognition for subscriptions may vary depending on the contractual service period or when the services have commenced.
Research and Development
Our research and development efforts are focused on the development of new solutions, including software and cloud solutions, and the integration of additional features and capabilities into our existing solutions. Our product management and engineering teams have extensive security and data protection expertise and work closely with customers to identify their current and future needs. The experience of our design teams enables us to effectively assess the tradeoffs and advantages when determining which features and capabilities of our solutions should be implemented.
We believe that innovation and timely development of new features and solutions is essential to meeting the needs of our customers and improving our competitive position. We test our solutions thoroughly to certify and ensure interoperability with third-party hardware and software products.
Our research and development expenses were $75.1 million, $71.3 million and $58.7 million in fiscal 2017, 2016 and 2015, respectively.
Intellectual Property
Our success depends in part upon our ability to protect our core technology and intellectual property. To accomplish this, we rely on a combination of intellectual property rights, including patents, trade secrets, copyrights and trademarks, as well as customary contractual protections.
As of February 28, 2017, we had 65 issued patents that expire between July 2017 and April 2034 and 22 patent applications pending in the United States. We cannot assure you whether any of our patent applications will result in the issuance of a patent or whether the examination process will require us to narrow our claims. We also license software from
13
third parties for integration into our solutions, including open source software and other software available on commercially reasonable terms.
We control access to and use of our proprietary software and other confidential information through the use of internal and external controls, including contractual protections with employees, contractors, customers and partners, and our software is protected by U.S. and international copyright laws. Despite our efforts to protect our trade secrets and proprietary rights through intellectual property rights, licenses and confidentiality agreements, unauthorized parties may still copy or otherwise obtain and use our software and technology. In addition, we intend to expand our international operations and effective patent, copyright, trademark and trade secret protection may not be available or may be limited in foreign countries.
Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation regarding patent and other intellectual property rights. In particular, leading companies in our markets have extensive patent portfolios and are regularly involved in litigation. From time to time, third parties, including certain of these leading companies, may assert patent, copyright, trademark and other intellectual property rights against us, our channel partners or our customers. Our standard license and other agreements may obligate us to indemnify our channel partners and customers against such claims. Successful claims of infringement by a third party could prevent us from distributing certain solutions or performing certain services, require us to expend time and money to develop non-infringing solutions or force us to pay substantial damages, including treble damages if we are found to have willfully infringed patents or copyrights, royalties or other fees. In addition, if we become more successful, competitors may try to develop solutions and services that are similar to ours that may infringe our proprietary rights. Competitors or other third parties may also be more likely to claim that our solutions infringe their proprietary rights. We cannot assure you that we do not currently infringe, or that we will not in the future infringe, upon any third-party patents or other proprietary rights.
Competition
We operate in the intensely competitive security and data protection markets that are characterized by constant change and innovation, and we expect competition to increase in the future from larger, well-established competitors and new market entrants. Changes in the application, threat and technology landscape result in evolving customer requirements. Our main competitors in these markets fall into two categories:
• | Independent content security, network security, application delivery and data protection vendors such as Check Point Software Technologies, Ltd., CommVault Systems, Inc., Datto, Inc., EMC Corporation, F5 Networks, Inc., Fortinet, Inc., Imperva, Inc., Juniper Networks, Inc., McAfee LLC, Mimecast Limited, Palo Alto Networks, Inc., Proofpoint, Inc., Sophos Ltd., Symantec Corporation, Veeam Software and Veritas Technologies that offer competing solutions. |
• | Diversified IT suppliers such as Cisco Systems, Inc., Dell Inc., Hewlett Packard Enterprise Company and International Business Machines that have acquired large security specialist vendors in recent years, that have software- or hardware-based storage solutions or that have the technical and financial resources to bring competitive solutions to the market. |
In addition, we compete with companies that offer point solutions that compete with some of the features present in our platform. As our market grows, we believe it will attract more highly specialized vendors as well as larger vendors that may continue to acquire or bundle their solutions more effectively.
The principal competitive factors in our market include:
• | solution ease-of-use; |
• | solution features, reliability, performance and effectiveness; |
• | solution line breadth and applicability; |
• | solution extensibility and ability to integrate with other technology infrastructures; |
• | price and total cost of ownership; |
• | proactive live technical support; |
• | strength of sales and marketing efforts; and |
• | brand awareness and reputation. |
14
We believe we generally compete favorably on the basis of these factors. However, many of our competitors have substantially greater financial, technical and other resources; greater name recognition; stronger reputations and longer operating histories; larger sales and marketing budgets; broader distribution and established relationships with distribution partners and customers; lower labor and development costs; greater customer support resources; larger and more mature intellectual property portfolios; and greater resources to make acquisitions.
Employees
As of February 28, 2017, we had 1,490 full-time employees. Although we are subject to collective bargaining agreements in certain countries, our U.S. employees are not represented by a labor union. We consider our employee relations to be good.
Corporate Information
We were incorporated in 2003 in the State of California under the name Barracuda Networks, Inc. and in 2004 reincorporated in the State of Delaware. Our principal executive offices are located at 3175 S. Winchester Blvd., Campbell, California 95008, and our telephone number is (408) 342-5400.
We file annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended (the "Exchange Act"). The public may obtain these filings at the Securities and Exchange Commission’s Public Reference Room at 100 F Street, NE., Washington, DC 20549 or by calling the Security and Exchange Commission (the "SEC") at 1-800-SEC-0330. The SEC also maintains a website at www.sec.gov that contains reports, proxy and information statements and other information that we file with the SEC electronically. Our company website is located at www.barracuda.com and our investor relations website is located at investors.barracuda.com/company/investor-relations. Copies of our reports on Form 10-K, Forms 10-Q, Forms 8-K and amendments to those reports may be obtained, free of charge, electronically through our website as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC. We have also used, and intend to continue to use, our investor relations website as means of disclosing material non-public information and for complying with its disclosure obligations under Regulation FD. Further corporate governance information, including our audit, compensation and nominating and corporate governance committee charters, corporate governance guidelines, code of business conduct and ethics and stockholder communications policy, is also available on our investor relations website. The contents of our website are not intended to be incorporated by reference into this Annual Report on Form 10-K or in any other report or document we file with the SEC, and any references to our website are intended to be inactive textual references only.
15
Item 1A. Risk Factors
Our operations and financial results are subject to various risks and uncertainties, including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, may also become important factors that affect us. If any of the following risks occur, our business, financial condition, operating results and prospects could be materially and adversely affected. In that event, the price of our common stock could decline.
Risks Related to Our Business and Our Industry
If we are unable to increase sales of our solutions to new customers and sell additional distinct solutions from our portfolio of solutions to our existing customers, our future revenue and operating results will be harmed.
Our future success depends on our ability to increase sales of our solutions to new customers as well as to increase sales of additional solutions to our existing customers. The rate at which new and existing customers purchase solutions depends on a number of factors, including certain factors outside of our control, such as customers’ perceived need for security and data protection solutions and general economic conditions. If our efforts to sell our solutions to new customers and additional solutions to our existing customers are not successful, our business and operating results may suffer.
A substantial majority of our billings in any particular period are derived from sales to customers with whom we began to engage during that same period and therefore our sales and the size and time to close the deals may vary from period to period and be difficult to predict. Given this unpredictability, we may be unable to accurately forecast our billings in any given period. A failure to accurately predict the level of demand for our solutions may adversely impact our future revenue and operating results, and we are unlikely to forecast such effects with any certainty in advance.
We rely significantly on revenue from subscriptions, which may decline, and, because we recognize revenue from subscriptions over the term of the relevant subscription period, downturns or upturns in sales are not immediately reflected in full in our operating results.
Our subscription revenue accounted for 77% and 72% of our total revenue for the fiscal years ended February 28, 2017 and February 29, 2016, respectively. Customers that purchase our subscriptions have no contractual obligation to renew their contracts after the initial contract period, which include monthly and annual terms ranging from one to five years, and we may not maintain our historical subscription renewal rates. The substantial majority of our subscriptions are for one-year periods and in fiscal 2017 we continued to see more customers opt for ratable subscription form factors and shorter contract lengths. New or renewal subscriptions, or the average length of such subscriptions, may decline or fluctuate as a result of a number of factors, including our customers’ level of satisfaction with our solutions and our customer support, the frequency and severity of subscription outages, our solution functionality and performance, changes in customer deployment models, the timeliness and success of solution and enhancement introductions by us and those of our competitors, the prices of our solutions, the prices of solutions offered by our competitors or reductions in our customers’ spending levels. If new or renewal subscriptions decline, our revenue or revenue growth may decline, and our business may suffer. In addition, we recognize subscription revenue ratably over the term of the relevant subscription period. As a result, much of the revenue we report each quarter is the recognition of billings from subscriptions entered into during previous quarters. Consequently, a decline in new or renewal subscriptions in any one quarter will not be fully reflected in revenue in that quarter, but will negatively affect our revenue in future quarters. Accordingly, the effect of significant downturns in sales of our solutions would not be reflected in full in our results of operations until future periods.
We have experienced net losses on a GAAP basis in recent periods and may not maintain profitability in the future. If we cannot maintain profitability, our financial performance will be harmed.
While we generated net income on a U.S. generally accepted accounting principles ("GAAP") basis for fiscal 2017, we experienced net losses on a GAAP basis for fiscal 2016, 2015 and 2014. While we have experienced revenue growth over these same periods, we may not be able to sustain or increase our growth or maintain profitability in the future or achieve it on a consistent basis. Over the past several years, we have spent substantial amounts of time and money to develop new security and data protection solutions and enhanced versions of our existing security and data protection solutions to position us for future growth. Additionally, we have incurred substantial expenses and expended significant resources upfront to market, promote and sell our solutions as well as to prepare for and develop solutions which can address the complex infrastructure environments of our customers including hybrid, public cloud and managed service provider solutions. These changes in IT infrastructure are accelerating and are driving significant changes in storage and compute architectures and solution requirements as well as
16
presenting challenges in the security market, which may materially and adversely affect our business and prospects in ways we do not currently anticipate.
We also expect to continue to invest for future growth and for the growing prevalence of cloud-based and other alternative IT infrastructures. As a result of our increased expenditures, we will have to generate and sustain increased revenue to maintain future profitability. Maintaining profitability will require us to increase revenues, manage our cost structure and avoid significant liabilities. Revenue growth may slow, revenue may decline, or we may incur significant losses in the future for a number of possible reasons, including general macroeconomic conditions, increasing competition, a decrease in the growth of the markets in which we operate, or if we fail for any reason to continue to capitalize on growth opportunities. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays and other unknown factors that may result in losses in future periods. If these losses exceed our expectations or our revenue growth expectations are not met in future periods, our financial performance will be harmed and our stock price could be volatile or decline.
If we cannot successfully execute on our strategy and continue to develop, manufacture and market solutions that respond promptly to the security and data protection needs of our customers, our business and operating results may suffer.
The security and data protection markets are characterized by constant change and innovation, and we expect them to continue to evolve rapidly. Moreover, many of our customers operate in markets characterized by rapidly changing technologies and business models, which require them to develop and manage increasingly complex enterprise networks, incorporating a variety of hardware, software applications, operating systems and networking protocols. Our historical success has been based on our ability to identify common customer needs and design solutions to address complex IT problems in an organization’s threat vectors including email, web browsing, mobile devices and remote access. Furthermore, our sales and marketing initiatives are primarily focused on higher-growth segments within the security and data protection markets. To the extent we are unable to continue to identify common IT challenges and execute our business model to timely and effectively design and market solutions to address these challenges, as well as to continue to expand our sales to higher-growth segments within the security and data protection markets, our business, operating results and financial condition will be adversely affected. Additionally, our results could be negatively impacted if we are unable to capitalize on growing cloud-based and hybrid deployment, as well as managed service provider solution, opportunities and continue to develop and market virtual appliances and subscription-only solutions for cloud and SaaS applications.
The process of developing new technology is complex and uncertain, and if we fail to accurately predict customers’ changing needs, particularly in the higher-growth segments within the security and data protection markets, and emerging technological trends or if we fail to achieve the benefits expected from our investments, our business could be harmed. We believe that we must continue to dedicate a significant amount of resources to our research and development efforts to maintain our competitive position and we must commit significant resources to developing new solutions before knowing whether our investments will result in solutions the market will accept. Our new solutions or enhancements could fail to attain sufficient market acceptance for many reasons, including:
•delays in releasing our new solutions or enhancements to the market;
•failure to accurately predict market demand or customer demands;
• | changes in customer environments including migration to hybrid, public cloud, private cloud, SaaS applications, and managed service provider solutions; |
•inability to protect against new types of attacks or techniques used by hackers;
•defects, errors or failures in their design or performance;
•negative publicity about their performance or effectiveness;
•introduction or anticipated introduction of competing solutions by our competitors;
•poor business conditions for our customers, causing them to delay IT purchases;
•the perceived value of our solutions or enhancements relative to their cost;
•easing of regulatory requirements around security or storage; and
17
•reluctance of customers to purchase solutions incorporating open source software.
There can be no assurance that we will successfully identify new opportunities, develop and bring new solutions to market on a timely basis or achieve market acceptance of our solutions, or that solutions and technologies developed by others will not render our solutions or technologies obsolete or noncompetitive, all of which could adversely affect our business and operating results. If our new solutions or enhancements do not achieve adequate acceptance in the market, or if our new solutions or enhancements do not result in increased subscriptions, our competitive position will be impaired, our revenue will be diminished and the negative impact on our operating results may be particularly acute because of the upfront research, development, marketing, sales and other expenses we incurred in connection with the new solutions or enhancements.
Significant developments in IT infrastructure deployments, particularly cloud computing and other alternative IT infrastructure technologies, may materially adversely affect the demand for our products.
Developments or changes in IT infrastructure, such as the emergence of hosted cloud storage, SaaS and mobile data access, are driving significant changes in storage and compute architectures and solution requirements as well as presenting significant challenges in the security market, which may materially and adversely affect our business and prospects in ways we do not currently anticipate and have seen these developments and changes accelerate in recent periods. For example, public cloud providers with significantly greater resources may continue to expand their offerings to more directly compete with our solutions. The emergence of cloud computing and other alternative IT infrastructure technologies, in which technology services are provided on a remote-access basis, have begun to have, and may continue to have, a significant impact on the market for security and data protection solutions and may result in rapid changes in customer demands. This could be the case even if such advances do not deliver all of the benefits of our solutions. If alternative models gain traction, any failure by us to develop new or enhanced technologies or processes, or to react to changes or advances in existing technologies, could adversely affect our business and operating results.
We have recently introduced, and will continue to introduce, new security and data protection solutions and we may not gain broad market acceptance for these new solutions.
Over the past year, we have released several new security and data protection solutions and enhanced versions of our existing security and data protection solutions, which address the higher-growth segments of the security and data protection markets including hybrid, public cloud, SaaS and managed service provider deployment options, to incorporate additional features, improve functionality or deliver other enhancements in order to meet our customers’ rapidly evolving demands. The return on our investments in these development efforts may be lower, or may develop more slowly, than we expect. Further, given their recent introduction, we cannot assure you that these solutions will gain broad market acceptance and that they will prove to be profitable in the longer term. Additionally, we intend to continue introducing new security and data protection solutions to respond to the needs of our customers. If we fail to achieve high levels of market acceptance for these solutions or if market acceptance is delayed, or if the market segments we address with our new solutions do not grow as expected, we may fail to justify the amount of our investment in developing and bringing them to market, and our business, operating results and financial performance could be adversely affected.
Our quarterly and annual operating results and key metrics have varied in the past and may continue to vary and be unpredictable, which may cause our stock price to fluctuate.
Our quarterly and annual operating results and key metrics have varied from period to period in the past, and we expect that they may continue to fluctuate as a result of a number of factors, many of which are outside of our control, including:
•the timing and success of introductions of our new solutions;
•changes in the growth rate of the security and data protection markets;
•changes in renewal rates for our subscriptions and our ability to cross-sell additional solutions in a period;
• | the size of orders and the time it takes to close sales, which has increased in recent periods and may continue to increase; |
•the timing of orders from our customers;
•the timing of our marketing expenditures;
18
•the mix of solutions sold;
• | fluctuations in demand for our products and services, particularly seasonal variations in customer spending patterns in more than one of our addressable markets; |
• | the continued emergence of hosted cloud storage, SaaS and mobile data access which are driving significant changes in storage and compute architectures and solution requirements and related delays in customer buying decisions as they evaluate the impact of changing deployment environments on their long-term IT strategies; |
• | our ability to control costs, including operating expenses, the costs of hardware and software components, and other manufacturing costs; |
• | the costs associated with acquiring new businesses and technologies and the follow-on costs of integration and consolidating the results of acquired businesses; |
•the budgeting cycles and purchasing priorities of our customers;
•the timing of payments of sales commissions, bonuses or performance earnouts;
•changes in our distribution strategy to further leverage managed service providers and cloud deployments;
•the timing and potential provision of valuation allowances against our deferred tax assets;
•the level of perceived threats to network security, which may fluctuate from period to period;
•government regulations and customer requirements surrounding data storage and protection;
• | fines, penalties or changes or increases in liabilities for regulatory actions, litigation, intellectual property settlements or warranty claims; |
• | deferral of orders from customers in anticipation of new solutions or solution enhancements announced by us or our competitors or due to changes in deployment architectures; |
• | the discontinuation of non-core product offerings; |
• | any significant changes in the competitive environment, including the entry of new competitors and increased price competition; |
•disruption in our supply chain and the availability of the components of our appliances;
•levels of solution returns, particularly in connection with our 30-day right to return;
•the timing of revenue recognition for our sales, which may be affected by the term of subscriptions;
• | increases or decreases caused by fluctuations in foreign currency exchange rates, since a significant portion of our revenues are received, and our expenses are incurred and paid, in currencies other than U.S. dollars; |
• | general economic conditions, both domestically and in our foreign markets, which impact purchasing patterns of customers; and |
• | future accounting pronouncements or changes in our accounting policies, including, but not limited to, changes in the revenue recognition standard scheduled to take place in fiscal 2019. |
Any one of the factors above, or the cumulative effect of some of the factors referred to above, may result in significant fluctuations in our quarterly or annual operating results, including fluctuations in our key financial metrics. This variability and unpredictability could result in our failing to meet our revenue, billings or operating results expectations or those of securities analysts or investors for any period. In addition, a significant percentage of our operating expenses are fixed in nature and based on forecasted revenue trends. Accordingly, in the event of revenue shortfalls, we are generally unable to mitigate the negative impact on operating results in the short term. If we fail to meet or exceed such expectations for these or any other reasons, our
19
business and stock price could be materially adversely affected and we could face costly lawsuits, including securities class action suits.
We believe that our brand is integral to our success and if we fail to cost-effectively promote or protect our brand, our business and competitive position may be harmed.
We believe that cost-effectively promoting and maintaining awareness and integrity of our company and our brand are vital to achieving widespread acceptance of our existing and future solutions and are important elements in attracting new customers and retaining our existing customers, particularly as we seek to expand internationally. We believe that the importance of brand recognition will increase as competition in our market further intensifies. We have invested and expect to continue to invest substantial resources to promote and maintain our brand and generate sales leads, both domestically and internationally, but there is no guarantee that our brand development strategies will enhance the recognition of our brand or lead to increased sales. For example, we use radio advertisements, signs and billboards in key locations such as airports where target customers often travel, and strategic sponsorships. We also engage in activities such as promotional events and attending trade shows. Some of our existing and potential competitors have well-established brands with equal or greater recognition than we have. If our efforts to cost-effectively promote and maintain our brand are not successful, our operating results and our ability to attract and retain customers may be adversely affected. In addition, even if our brand recognition and loyalty increases, our revenue may not increase at a level that is commensurate with our marketing spend.
In addition, independent industry analysts often provide reviews of our solutions, as well as those of our competitors, and perception of our solutions in the marketplace may be significantly influenced by these reviews. We have no control over what these industry analysts report, and because industry analysts may influence current and potential customers, our brand could be harmed if they do not provide a positive review of our solutions or view us as a market leader.
We face intense competition in the security and data protection markets and other markets in which we compete, which are characterized by constant change and innovation, and we may lack sufficient financial or other resources to maintain or improve our competitive position.
The markets for security and data protection solutions are intensely competitive and are characterized by constant change and innovation, and we expect competition to increase in the future from larger, well-established competitors and new market entrants. Changes in the application, threat and technology landscape result in evolving customer requirements. Our main competitors in these markets fall into two categories:
• | Independent content security, network security, application delivery and data protection vendors such as Check Point Software Technologies, Ltd., CommVault Systems, Inc., Datto, Inc., EMC Corporation, F5 Networks, Inc., Fortinet, Inc., Imperva, Inc., Juniper Networks, Inc., McAfee LLC, Mimecast Limited, Palo Alto Networks, Inc., Proofpoint, Inc., Sophos Ltd., Symantec Corporation, Veeam Software and Veritas Technologies that offer competing solutions. |
• | Diversified IT suppliers such as Cisco Systems, Inc., Dell Inc., Hewlett Packard Enterprise Company and International Business Machines that have acquired large security specialist vendors in recent years, that have software- or hardware-based storage solutions or that have the technical and financial resources to bring competitive solutions to the market. |
In addition, we compete with companies that offer point solutions that compete with some of the features present in our platform. As our market grows, we believe it will attract more highly specialized vendors as well as larger vendors that may continue to acquire or bundle their solutions more effectively.
Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:
• | substantially greater financial, technical and other resources; |
• | greater name recognition, stronger reputations and longer operating histories; |
• | larger sales and marketing and customer support budgets and resources; |
• | broader distribution and established relationships with distribution partners and customers; |
• | lower labor and development costs; |
20
• | larger and more mature intellectual property portfolios; and |
• | greater resources to make acquisitions. |
In addition, our larger competitors have substantially broader solution offerings and leverage their relationships based on other solutions or incorporate functionality into existing solutions to gain business in a manner that discourages customers and potential customers from purchasing our solutions, including through selling at low or negative margins, product bundling or closed technology platforms. Potential customers may also prefer to purchase from their existing suppliers rather than a new supplier regardless of solution performance, price or features. These larger competitors often have broader product lines and market focus and will therefore not be as susceptible to downturns in our markets, thereby reducing their overall risk profile as compared to ours. Many of our smaller competitors that specialize in providing protection from a single type of network security threat are often able to deliver these specialized network security solutions to the market more quickly than we can, which could reduce the addressable market for our new solutions or enhancements to existing solutions. Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering by our competitors or continuing market consolidation. New start-up companies that innovate and large competitors that are making significant investments in research and development may invent similar or superior solutions and technologies that compete with our solutions and technology. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their ability to compete.
Some of our competitors have made acquisitions of businesses that may allow them to offer more directly competitive and comprehensive solutions than they had previously offered. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their solutions and services, initiate or withstand substantial price competition, take advantage of acquisition or other opportunities more readily, or develop and expand their solution offerings more quickly than we do.
Organizations may be more willing to incrementally add solutions to their existing IT infrastructure from competitors than to replace it with our solutions. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross profits and loss of market share. Any failure to meet and address these factors could seriously harm our business and operating results.
To remain competitive, we may be required to make substantial additional investments in research, development, marketing and sales in order to respond to competition, and there can be no assurance that these investments will achieve any returns for us or that we will be able to compete successfully in the future.
Our business is dependent on overall demand for security and data protection solutions and therefore reduced security and data protection solution spending or overall adverse economic conditions may negatively impact our business and operating results.
Our business depends on the overall demand for security and data protection solutions. In addition, the purchase of our solutions is often discretionary. Weak global economic conditions, or a reduction in security and data protection solution spending even if economic conditions improve, could adversely impact our business, financial condition and operating results in a number of ways, including longer sales cycles, lower prices for our solutions, higher default rates among our customers and channel partners, reduced subscription renewals and lower our sales levels. As global economic conditions continue to be volatile or economic uncertainty remains, including any volatility resulting from the transition to the Trump administration in the United States or the outcome of the United Kingdom’s referendum to exit the European Union (the "EU"), trends in security and data protection spending also remain unpredictable and subject to reductions due to credit constraints and uncertainties about the future. Unfavorable economic conditions, including any stemming from an unstable political environment in the United States or abroad as well as those resulting from regulatory or tax policy changes from the Trump administration, as well as economic uncertainty or an economic downturn, may harm our business and operating results in the future.
We rely on third-party distributors, channel partners and managed service providers to fulfill substantially all of our sales orders and generate customer demand. If our distributors and reseller channel partners fail to perform, our ability to sell our solutions will be limited, and, if we fail to optimize our distributor and reseller channel partner model going forward, our operating results will be harmed.
A substantial portion of our sales orders are fulfilled by our channel partners, which include distributors and resellers. We depend upon our resellers and managed service providers to manage the customer sales process and to generate sales opportunities and our distributors to provide our solutions to our resellers. To the extent our distributors, resellers and managed service providers are unsuccessful in fulfilling our sales, managing the sales process or selling our solutions, or we are unable to
21
enter into arrangements with, and retain a sufficient number of high-quality, motivated distributors and resellers in each of the regions in which we sell our offerings, our ability to sell our solutions and operating results will be harmed. In order to support our growth strategy, we continue to expand our distributor, reseller and managed service provider network, both in the United States and internationally. If we are unable to successfully develop new distributor, reseller and managed service provider relationships, or if we experience reseller shifts between distributors or any channel conflict occurs, it could negatively impact our ability to meet our revenue and profitability goals.
We provide our channel partners with specific programs to assist them in selling our solutions, but there can be no assurance that these programs will be effective. In addition, our channel partners may be unsuccessful in marketing, selling and supporting our solutions. Our channel partners do not have minimum purchase requirements. They may also market, sell and support solutions that are competitive with ours, and may devote more resources to the marketing, sales and support of such solutions. Our agreements with our channel partners may generally be terminated for any reason by either party with advance written notice and our channel partners may stop selling our solutions at any time. We cannot assure you that we will retain these channel partners, that channel partners will sell our solutions effectively or that we will be able to secure additional or replacement channel partners. The loss of one or more of our significant channel partners or a decline in the number or size of orders from them could harm our operating results. In addition, our channel partner sales structure could subject us to lawsuits, potential liability, and reputational harm if, for example, any of our channel partners misrepresent the functionality of our solutions to customers or violate laws or our corporate policies.
We have made significant investments in recent periods to support our growth, including investments in our information technology, infrastructure and management team, and these investments may achieve delayed or lower than expected benefits, which could harm our operating results. Furthermore, if we do not effectively manage any future growth, or are unable to improve our systems and processes, our operating results will be adversely affected.
We continue to increase the breadth and scope of our offerings and, correspondingly, the breadth and scope of our operations. To support this growth, and to manage any future growth effectively, we must continue to improve and expand our information technology and financial infrastructure, our operating and administrative systems and our ability to manage headcount, capital and processes in an efficient manner. We have incurred, and will continue to incur, expenses as we invest in international operations and infrastructure such as the expansion of our sales and marketing presence globally, the addition of higher touch sales and marketing field resources to liaise with our channel partners as we continue to grow our sales both domestically and internationally and investments in software systems and additional data center resources to keep pace with the growth in the cloud and cloud-based solutions markets. We continue to make significant incremental investments in product development, corporate infrastructure and broadened distribution, and we intend to continue to invest in development of our solutions, our infrastructure and sales and marketing. We have recognized, and are likely to continue to recognize, the costs associated with these investments earlier than some of the anticipated benefits, and the return on these investments may be lower, or may develop more slowly, than we expect. If we do not achieve the benefits anticipated from these investments, or if the achievement of these benefits is delayed, our operating results may be adversely affected.
We have acquired, and in the future may acquire, other businesses which could require significant management attention, disrupt our business, dilute stockholder value and adversely affect our operating results.
As part of our business strategy, we have in the past made, and may in the future make, acquisitions or investments in complementary companies, solutions and technologies that we believe fit within our business model and can address the needs of IT professionals. With respect to our previous acquisitions, we cannot ensure that we will be able to successfully integrate the technology and resources to increase subscriptions and grow revenue derived from these acquisitions.
In the future, we may not be able to acquire and integrate other companies, solutions or technologies in a successful manner. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. Furthermore, we may not be able to find suitable acquisition candidates that enhance our subscription offerings. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, including increases in subscriptions, and any acquisitions we complete could be viewed negatively by our customers, investors and industry analysts. Future acquisitions may reduce our cash available for operations and other uses and could result in an increase in amortization expense related to identifiable assets acquired. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition or the value of our common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations. In addition, our future operating results may be impacted by performance earnouts or contingent bonuses. Furthermore, acquisitions may require large one-time charges and can result in increased debt or contingent liabilities, adverse tax consequences, additional stock-based compensation expense
22
and the recording and subsequent amortization of amounts related to certain purchased intangible assets, any of which items could negatively impact our future results of operations. We may also record goodwill in connection with an acquisition and incur goodwill impairment charges in the future.
In addition, if we are unsuccessful at integrating such acquisitions, or the technologies associated with such acquisitions, into our company, the revenue and operating results of the combined company could be adversely affected. Any integration process may result in unforeseen operating difficulties and require significant time and resources, and we may not be able to manage the process successfully. In particular, we may encounter difficulties assimilating or integrating the companies, solutions, technologies, personnel or operations we acquire, particularly if the key personnel are geographically dispersed or choose not to work for us. Acquisitions may also disrupt our core business, divert our resources and require significant management attention that would otherwise be available for development of our business. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. If we fail to properly evaluate, execute or integrate acquisitions or investments, the anticipated benefits may not be realized, we may be exposed to unknown or unanticipated liabilities, and our business and prospects could be harmed.
We generate a significant amount of revenue from sales outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations.
Sales outside of the United States represented 29% and 31% of our total revenue for the fiscal years ended February 28, 2017 and February 29, 2016, respectively. As a result, we must continue to hire and train experienced personnel to staff and manage our foreign operations. To the extent that we experience difficulties in recruiting, training, managing and retaining an international staff, and specifically staff related to sales management and sales personnel, we may experience difficulties in sales productivity in foreign markets. If we are not able to maintain successful channel partner and distributor relationships internationally or recruit additional companies to enter into strategic channel partner and distributor relationships, our future success in these international markets could be limited. Additionally, as sales outside of the United States have typically been denominated in U.S. dollars, fluctuations in exchange rates could cause our products to become relatively more expensive to our customers outside of the United States leading to a reduction in sales to those customers. Furthermore, an increasing portion of our operating expenses is incurred outside of the United States, is denominated in foreign currencies, and is subject to fluctuations due to changes in foreign currency exchange rates. A reduction in sales or an increase in operating expenses due to fluctuations in foreign currency exchange rates would have an adverse effect on our financial condition and operating results.
Additionally, our international sales and operations are subject to a number of risks, including the following:
• | greater difficulty in enforcing contracts and accounts receivable collection and longer collection periods; |
• | increased expenses incurred in establishing and maintaining office space and equipment for our international operations; |
• | greater costs and expenses associated with international sales and operations; |
• | management communication and integration problems resulting from cultural and geographic dispersion; |
• | risks associated with trade restrictions and foreign legal requirements, including the importation, certification and localization of our solutions required in foreign countries; |
• | greater risk of unexpected changes in regulatory practices, tariffs and tax laws and treaties; |
• | the uncertainty of protection for intellectual property rights in some countries; |
• | greater risk of a failure of foreign employees to comply with both U.S. and foreign laws, including export and antitrust regulations, the U.S. Foreign Corrupt Practices Act and any trade regulations ensuring fair trade practices; |
• | heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements; |
• | increased financial accounting and reporting burdens and complexities; |
23
• | the effects and any resulting negative economic impact of the outcome of the United Kingdom’s referendum to exit the EU; |
• | the potential for political unrest, terrorism, hostilities or war; and |
• | multiple and possibly overlapping tax structures. |
We have office locations in various international locations, including Austria, India and the United Kingdom. If we are unable to effectively manage a large and geographically dispersed group of employees or to anticipate our future growth and personnel needs, our business may be adversely affected. As we expand our business, we add complexity to our organization and must expand and adapt our operational infrastructure and effectively coordinate throughout our organization. As a result, we have incurred and expect to continue to incur additional expense related to our continued growth. In addition, the expansion of our existing international operations and entry into additional international markets have required and will continue to require significant management attention and financial resources.
Failure to manage any future growth effectively could harm our ability to gain future international revenues, result in increased costs, negatively impact our customers’ satisfaction with our solutions, and, consequently, materially impact our business, operating results and financial condition.
We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and operating results.
Given our volume of international sales, a substantial portion of our total revenue is subject to foreign currency risk. For example, 29% and 31% of our total revenue was generated from sales to customers located outside of the United States for the fiscal years ended February 28, 2017 and February 29, 2016, respectively. Additionally, further strengthening of the U.S. dollar could increase the real cost of our solutions to our customers outside of the United States, which could adversely affect our financial condition and operating results. In addition, a portion of our operating expenses is incurred outside of the United States, is denominated in foreign currencies, and is subject to fluctuations due to changes in foreign currency exchange rates. Beginning in fiscal 2015, we have utilized foreign exchange forward contracts to manage foreign currency risk. If our foreign exchange forward contracts do not successfully manage our foreign currency risk or if we are not otherwise able to successfully manage or hedge against the risks associated with currency fluctuations, our financial condition and operating results could be adversely affected.
Our business is substantially dependent on sales leads from Internet search engines and if we are unable to generate significant volumes of such leads, traffic to our websites and our revenue may decrease.
We generate a substantial portion of our sales leads through visits to our websites by potential customers interested in our solutions. Many of these potential customers find our websites by searching for security and data protection solutions through Internet search engines, particularly Google. A critical factor in attracting potential customers to our websites is how prominently our websites are displayed in response to search inquiries. If we are listed less prominently or fail to appear in search result listings for any reason, visits to our websites by customers and potential customers could decline significantly and we may not be able to replace this traffic. Furthermore, if the costs of search engine marketing services, such as Google AdWords, continue to increase we may be required to increase our sales and marketing expenses, which may not be offset by additional revenue, and our business and operating results could be adversely affected.
Failure to comply with governmental laws and regulations could harm our business.
Our business is subject to regulation by various federal, state, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, anti-bribery laws, import/export controls, federal securities laws and tax laws and regulations. In certain foreign jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, operating results and financial condition.
24
Defects, errors or vulnerabilities in our solutions, the failure of our solutions to block a virus or prevent a security breach or a false detection of applications, viruses, spyware, vulnerability exploits, data patterns or URL categories could harm our reputation and adversely impact our operating results.
Because our solutions are complex, they have contained and may in the future contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our customers. For example, from time to time, certain of our customers have reported defects in our solutions related to performance, functionality and compatibility that were not detected before shipping the solution. Additionally, defects may cause our solutions to be vulnerable to security attacks, cause them to fail to help secure networks or temporarily interrupt customers’ networking traffic. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, our solutions may not be able to protect our customers’ networks. Our security solutions may also fail to detect or prevent viruses, worms or similar threats due to a number of reasons such as the evolving nature of such threats and the continual emergence of new threats that we may fail to add to our threat intelligence database or other virus databases in time to protect our customers’ networks. In addition, defects or errors in our subscription updates or our solutions could result in a failure to effectively update customers’ solutions and thereby leave our customers vulnerable to attacks. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing customer base, any of which could temporarily or permanently expose our customers’ networks, leaving their networks unprotected against the latest security threats. Any defects, errors or vulnerabilities in our solutions could result in:
• | expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate or work-around errors or defects or to address and eliminate vulnerabilities; |
• | loss of existing or potential customers; |
• | delayed or lost revenue; |
• | delay or failure to attain market acceptance; |
• | negative publicity, which will harm our reputation and brand; |
• | an increase in warranty claims compared with our historical experience, or an increased cost of servicing warranty claims, either of which would adversely affect our operating results; and |
• | litigation, regulatory inquiries, or investigations that may be costly and harm our reputation and brand. |
Furthermore, our security solutions may falsely detect applications, content or threats that do not actually exist based on our classifications of application type, virus, malware, vulnerability exploits, data or URL categories. This risk is increased by the inclusion of "heuristics" analysis in our solutions, which attempts to identify threats not based on any known signatures but based on characteristics or anomalies which indicate that a particular item may be a threat. These false positives, while typical in our industry, may impair the perceived reliability of our solutions and may therefore adversely affect market acceptance of our solutions. Also, our anti-spam and anti-malware solutions may falsely identify emails or programs as unwanted spam or potentially unwanted programs, or alternatively fail to properly identify unwanted emails or programs, particularly as spam emails or malware are often designed to circumvent anti-spam or anti-malware solutions. Parties whose emails or programs are blocked by our solutions may seek redress against us for labeling them as spammers or malware or for interfering with their business. In addition, false identification of emails or programs as unwanted spam or potentially unwanted programs may reduce the adoption of our solutions. If our solutions restrict important files or applications based on falsely identifying them as malware or some other item that should be restricted, this could adversely affect customers’ systems and cause material system failures. Any such false identification of important files or applications could result in damage to our reputation, negative publicity, loss of customers and sales, increased costs to remedy any problem and risk of litigation.
If our security measures are breached or unauthorized access to customer data is otherwise obtained or our customers experience data losses, our brand, reputation and business could be harmed and we may incur significant liabilities.
Our customers rely on our security and data protection solutions to secure and store their data, which may include financial records, credit card information, business information, customer information, health information, other personally identifiable information or other sensitive personal information. A breach of our network security and systems or other events that cause the loss or public disclosure of, or access by third parties to, our customers’ stored files or data could have serious negative consequences for our business, including possible fines, penalties and damages, reduced demand for our solutions, an
25
unwillingness of our customers to use our solutions, harm to our brand and reputation, and time-consuming and expensive litigation. The techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently, often are not recognized until launched against a target, and may originate from less regulated or remote areas around the world. As a result, we may be unable to proactively prevent these techniques, implement adequate preventative or reactionary measures, or enforce the laws and regulations that govern such activities. In addition, because of the large amount of data that we store for our customers, it is possible that hardware failures, human errors or errors in our systems could result in data loss or corruption, or cause the information that we collect to be incomplete or contain inaccuracies that our customers regard as significant. If our customers experience any data loss, or any data corruption or inaccuracies, whether caused by security breaches or otherwise, our brand, reputation and business could be harmed. Moreover, if a high profile security breach occurs with respect to another provider of cloud services, our clients and potential clients may lose trust in the security of the cloud business model generally, which could adversely impact our ability to retain existing clients or attract new ones.
If an actual or perceived breach of network security occurs in our internal systems, our services may be perceived as not being secure and clients may curtail or stop using our solutions.
As a provider of network security solutions, we are a high profile target and our networks and solutions may have vulnerabilities that may be targeted by hackers and could be targeted by attacks specifically designed to disrupt our business and harm our reputation. We will not succeed unless the marketplace continues to be confident that we provide effective network and security protection. If an actual or perceived breach of network security occurs in our internal systems it could adversely affect the market perception of our solutions. We may not be able to correct any security flaws or vulnerabilities promptly, or at all. In addition, such a security breach could impair our ability to operate our business, including our ability to provide subscription and support services to our customers. If this happens, our business and operating results could be adversely affected.
Because our solutions could be used to collect and store personal information of our customers’ employees or customers, privacy concerns could result in additional cost and liability to us or inhibit sales of our solutions.
Personal privacy has become a significant issue in the United States and in many other countries where we offer our solutions. The regulatory framework for privacy issues worldwide is currently complex and evolving, and it is likely to remain uncertain for the foreseeable future. Many federal, state and foreign government bodies and agencies have adopted or are considering adopting laws and regulations regarding the collection, use and disclosure of personal information. In the United States, these include rules and regulations promulgated under the authority of the Federal Trade Commission, the Health Insurance Portability and Accountability Act of 1996 and state breach notification laws. Internationally, virtually every jurisdiction in which we operate has established its own data security and privacy legal framework with which we or our customers must comply, including the Data Protection Directive established in the EU and the Federal Data Protection Act in Germany.
In addition to government regulation, privacy advocacy and industry groups may propose new and different self-regulatory standards that either legally or contractually apply to us. Because the interpretation and application of privacy and data protection laws are still uncertain, it is possible that these laws may be interpreted and applied in a manner that is in conflict with one another, and is inconsistent our existing data management practices or the features of our solutions. If so, in addition to the possibility of fines, lawsuits and other claims, we could be required to fundamentally change our business activities and practices or modify our software, which could have an adverse effect on our business. Any inability to adequately address privacy concerns, even if unfounded, or comply with applicable privacy or data protection laws, regulations and policies, could result in additional cost and liability to us, damage our reputation, inhibit sales and harm our business.
With respect to all of the above, any failure or perceived failure by us or our platform to comply with U.S., EU or other foreign privacy or security laws, policies, industry standards or legal obligations, or any security incident that results in the unauthorized access to, or acquisition, release or transfer of, personally identifiable information or other customer data may result in governmental investigations, inquiries, enforcement actions and prosecutions, private litigation, fines and penalties or adverse publicity. Such actions and penalties could divert management’s attention and resources, adversely affect our business, operating results, financial condition and cash flows, and cause our customers and channel partners to lose trust in our solutions, which could have an adverse effect on our reputation and business.
Any new laws, regulations, other legal obligations or industry standards, or any changed interpretation of existing laws, regulations or other standards may require us to incur additional costs and restrict our business operations. If our privacy or data security measures fail to comply with current or future laws, regulations, policies, legal obligations or industry standards, we may be subject to litigation, regulatory investigations, fines or other liabilities, as well as negative publicity and a potential loss of business. Moreover, if future laws, regulations, other legal obligations or industry standards, or any changed interpretations
26
of the foregoing, limit our customers’ or partners’ ability to use and share personally identifiable information or our ability to store, process and share personally identifiable information or other data, demand for our solutions could decrease, our costs could increase and our business, operating results and financial condition could be harmed.
Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our solutions. Privacy concerns, whether valid or not valid, may inhibit market adoption of our solutions particularly in certain industries and foreign countries.
Our business is subject to the risks of warranty claims and product liability claims and given our 30-day right to return policy on many of our solutions, we may experience increased frequency of returns, any of which may adversely affect our operating results and financial performance.
Our solutions have contained and may contain undetected defects or errors, especially when first introduced or when new versions are released. Defects or errors could affect the performance of our solutions and could delay the development or release of new solutions or new versions of solutions, adversely affect our reputation and our customers’ willingness to buy solutions from us and adversely affect market acceptance or perception of our offerings. Any such errors or delays in releasing new solutions or new versions of solutions or allegations of unsatisfactory performance could cause us to lose revenue or market share, increase our service costs, cause us to incur substantial costs in redesigning the solutions, cause us to lose significant customers, subject us to liability for damages and divert our resources from other tasks, any one of which could materially and adversely affect our business, operating results and financial condition. Furthermore, we offer customers a 30-day right to return for many of our solutions which is integral to our sales model. If we experience appliance defects, or if we experience increased frequency of returns, our sales cycles, operating results and financial performance may be adversely affected.
In addition, the occurrence of hardware or software errors which result in increased warranty or support claims could result in increased expenses or require us to maintain greater warranty reserves which would have an adverse effect on our business and financial performance.
Our ability to increase sales of our solutions is highly dependent on the quality of our customer support, and our failure to offer high-quality support would have an adverse effect on our business, reputation and operating results.
Our solutions are designed to be deployed by customers in resource-constrained IT environments. Our customers depend on our support services to assist them with questions as they implement our solutions within their IT infrastructure, and after deployment, our customers depend on our support organization to quickly resolve any issues relating to those solutions. A significant level of high-quality support is critical to ensure high rates of renewals and cross-selling of our solutions. Further, as we continue to broaden our portfolio of solutions, increase the size of our customer base and increase the size of our solution deployments within our customers IT infrastructure, we must continue to adapt our customer support organization to ensure that our customers continue to receive the high level of customer service which they have come to expect. If we fail to effectively assist our customers in deploying our solutions, succeed in helping them quickly resolve post-deployment issues or provide effective ongoing support, it could adversely affect our ability to sell our solutions to existing customers, decrease our subscription renewal rates and harm our reputation with potential new customers, all of which would have an adverse effect on our business, reputation and operating results.
If we are unable to hire, retain, train and motivate qualified personnel and senior management, or attract qualified board members, or if our senior management team is unable to perform effectively, our business could suffer.
Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel and the continued services of our senior management and other key personnel to execute on our business plan and to identify and pursue new opportunities and solution innovations. The loss of the services of our senior management or any of our key personnel, the inability to attract or retain qualified personnel, or delays in hiring required personnel, particularly in engineering and sales and marketing, could significantly delay or prevent the achievement of our development and strategic objectives, and may adversely affect our business, financial condition and operating results. Although we have entered into employment offer letters with our key personnel, these agreements have no specific duration and constitute at-will employment. Our productivity and the quality of our solutions may be adversely affected if we do not integrate and train our new employees quickly and effectively. Furthermore, if we are not effective in retaining our key personnel, our business could be adversely impacted and our operating results and financial condition could be harmed. Also, we recently announced the addition of two new members to our board of directors, and the departure of four of our long standing directors, each of whom served a minimum of ten years on our board. These changes could influence our business and strategic direction.
27
Competition for highly skilled personnel is often intense, especially in the San Francisco Bay Area where we have a substantial presence and need for highly skilled personnel. We may not be successful in attracting, integrating or retaining qualified personnel to fulfill our current or future needs. Also, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited, or that they have divulged proprietary or other confidential information, or that their former employers own their inventions or other work product.
Our customer-centric and collaborative corporate culture has contributed to our success, and if we cannot maintain this culture as we grow, we could lose the innovation, creativity and teamwork fostered by our culture, and our business may be harmed.
We believe that a critical contributor to our success has been our corporate culture, which we believe fosters innovation, creativity, a customer-centric focus, collaboration and loyalty. As we grow and change, we may find it difficult to maintain these important aspects of our corporate culture, which could limit our ability to innovate and operate effectively. Any failure to preserve our culture could also negatively affect our ability to retain and recruit personnel, continue to perform at current levels or execute on our business strategy.
We rely on a single source or a limited number of sources for some of our components. Insufficient supply and inventory may result in lost sales opportunities or delayed revenue, while excess inventory may harm our gross profit.
Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage the supply of our components. Additionally, we carry little inventory of our appliances or components, and we rely on our suppliers to deliver necessary components in a timely manner. Insufficient supply levels may lead to shortages that result in delayed revenue or loss of sales opportunities altogether as potential customers turn to competitors’ solutions that could be more readily available. Additionally, any increases in the time required to manufacture our solutions could adversely affect our business, brand, sales cycle and reputation. If we are unable to effectively manage our supply and inventory, our operating results could be adversely affected.
We currently depend on a single source or a limited number of sources for certain components used in the manufacture of our solutions. We are therefore subject to the risk of shortages in supply of these components and the risk that component suppliers discontinue or modify components used in our solutions. If these suppliers were to discontinue production of a necessary part or component, we would be required to expend resources and time in locating and integrating replacement parts or components from another vendor. In addition, the introduction by component suppliers of new versions of their components, particularly if not anticipated by us, could require us to expend resources to incorporate these new components into our solutions. Our reliance on a single source or a limited number of suppliers involves a number of additional risks, including risks related to:
• | supplier capacity constraints; |
• | price volatility; |
• | timely delivery; |
• | component quality; |
• | failure of a key supplier to remain in business and adjust to market conditions; |
• | delays in, or the inability to execute on, a supplier roadmap for components and technologies; and |
• | natural disasters. |
In addition, for certain components, we are subject to potential price increases and limited availability as a result of market demand for these components. In the past, unexpected demand for computer and network products has caused worldwide shortages of certain electronic parts. If similar shortages occur in the future, our business could be adversely affected. We rely on purchase orders rather than long-term contracts with these suppliers, and as a result we might not be able to secure sufficient components, even if they were available, at reasonable prices or of acceptable quality to build appliances in a timely manner and, therefore, might not be able to meet customer demands for our solutions, which would have a material and adverse effect on our business, operating results and financial condition.
28
Assertions by third parties of infringement or other violations by us of their intellectual property rights, or other lawsuits brought against us, could result in significant costs and substantially harm our business and operating results.
Patent and other intellectual property disputes are common in the IT markets in which we compete. Some companies in the IT markets in which we compete, including some of our competitors, own large numbers of patents, copyrights, trademarks and trade secrets, which they may use to assert claims of infringement, misappropriation or other violations of intellectual property rights against us. There also is a market for intellectual property rights and a competitor, or other entity, could acquire intellectual property rights and assert similar claims based on the acquired intellectual property rights. They may also assert such claims against our customers or channel partners. As the number of patents and competitors in our market increase and overlaps occur, claims of infringement, misappropriation and other violations of intellectual property rights may increase. From time to time, we face allegations that we, our customers or our channel partners have infringed, misappropriated and violated intellectual property rights, including allegations made by our competitors or by non-practicing entities. For example, in fiscal 2016 we entered into an intellectual property settlement agreement whereby we agreed to make certain future cash payments to a third party in exchange for a license to certain patents and a covenant by the third party not to sue for any past or future infringement of such licensed patents. Our broad solution portfolio and the number of network and IT markets in which we compete further exacerbate this risk. Any claim of infringement, misappropriation or other violation of intellectual property rights by a third party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business.
In addition, future assertions of patent rights by third parties, and any resulting litigation, may involve non-practicing entities or other adverse patent owners who have no relevant revenue and against whom our own patents may therefore provide little or no deterrence or protection. We cannot assure you that we are not infringing or otherwise violating any third-party intellectual property rights.
An adverse outcome of a dispute may require us to, among other things, pay substantial damages including treble damages if we are found to have willfully infringed a third party’s patents or copyrights; cease making, using, selling, licensing, importing or otherwise commercializing solutions that are alleged to infringe or misappropriate the intellectual property rights of others; expend additional development resources to attempt to redesign our solutions or otherwise to develop non-infringing technology, which may not be successful; enter into potentially unfavorable royalty or license agreements in order to obtain the right to use necessary technologies or intellectual property rights or have royalty obligations imposed by a court; and indemnify our customers, partners and other third parties. Furthermore, we have agreed in certain instances to defend our channel partners against third-party claims asserting infringement of certain intellectual property rights, which may include patents, copyrights, trademarks or trade secrets, and to pay judgments entered on such claims. Any damages or royalty obligations we may become subject to, any prohibition against our commercializing our solutions and any third-party indemnity we may need to provide, as a result of an adverse outcome could harm our operating results.
Our use of open source technology could impose limitations on our ability to commercialize our solutions.
We use open source software in our solutions, and although we monitor our use of open source software to avoid subjecting our solutions to conditions we do not intend, the terms of many open source licenses have not been interpreted by U.S. or foreign courts. As a result, there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our solutions. From time to time, we may face claims from third parties claiming ownership of, or demanding release of, the open source software or derivative works that we have developed using such software or otherwise seeking to enforce the terms of the applicable open source license. In such an event, we could be required to seek licenses from third parties to continue offering our solutions, to make our proprietary code generally available in source code form, to re-engineer our solutions or to discontinue the sale of our solutions if re-engineering could not be accomplished on a timely basis, any of which could adversely affect our business, operating results and financial condition.
Failure to protect our proprietary technology and intellectual property rights could substantially harm our business and operating results.
The success of our business depends on our ability to protect and enforce our patents, trademarks, copyrights, trade secrets and other intellectual property rights. We attempt to protect our intellectual property under patent, trademark, copyright and trade secret laws, and through a combination of confidentiality procedures, contractual provisions and other methods, all of which offer only limited protection.
As of February 28, 2017, we had 65 issued patents in the United States, but this number of patents is relatively small in comparison to some of our competitors and potential competitors. Additionally, as of February 28, 2017, we had 22 pending U.S. patent applications, and may file additional patent applications in the future. The process of obtaining patent protection is
29
expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. We may choose not to seek patent protection for certain innovations and may choose not to pursue patent protection in certain jurisdictions. Furthermore, it is possible that our patent applications may not issue as granted patents, that the scope of our issued patents will be insufficient or not have the coverage originally sought, that our issued patents will not provide us with any competitive advantages, and that our patents and other intellectual property rights may be challenged by others or invalidated through administrative process or litigation. In addition, issuance of a patent does not guarantee that we have an absolute right to practice the patented invention, or that we have the right to exclude others from practicing the claimed invention. As a result, we may not be able to obtain adequate patent protection or to enforce our issued patents effectively.
In addition to patented technology, we rely on our unpatented proprietary technology and trade secrets. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, reverse engineer or otherwise obtain and use them. The contractual provisions that we enter into with employees, consultants, partners, vendors and customers may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights. Moreover, policing unauthorized use of our technologies, solutions and intellectual property is difficult, expensive and time-consuming, particularly in foreign countries where the laws may not be as protective of intellectual property rights as those in the United States and where mechanisms for enforcement of intellectual property rights may be weak. We may be unable to determine the extent of any unauthorized use or infringement of our solutions, technologies or intellectual property rights.
From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others or to defend against claims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results, financial condition and cash flows. If we are unable to protect our intellectual property rights, we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time and effort required to create the innovative solutions that have enabled us to be successful to date.
We rely on the availability of third-party licenses for some of our solutions.
Some of our solutions include software or other intellectual property licensed from third parties. It may be necessary in the future to renew licenses relating to various aspects of these solutions or to seek new licenses for existing or new solutions. There can be no assurance that the necessary licenses will be available on acceptable terms, if at all. The inability to obtain certain licenses or other rights or to obtain such licenses or rights on favorable terms, could result in delays in solution releases until equivalent technology can be identified, licensed or developed, if at all, and integrated into our solutions and may have a material adverse effect on our business, operating results and financial condition. In addition, third parties may allege that additional licenses are required for our use of their software or intellectual property, and we may be unable to obtain such licenses on commercially reasonable terms or at all. Moreover, the inclusion in our solutions of software or other intellectual property licensed from third parties on a nonexclusive basis could limit our ability to differentiate our solutions from those of our competitors.
As a public company, we are obligated to develop and maintain proper and effective internal control over financial reporting. We may not complete our analysis of our internal control over financial reporting in a timely manner, or these internal controls may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock.
Ensuring that we have adequate internal financial and accounting controls and procedures in place so that we can produce accurate financial statements on a timely basis is a costly and time-consuming effort. Our internal control over financial reporting is designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements in accordance with GAAP. We are in the costly and challenging process of compiling the system and processing documentation necessary to perform the evaluation needed to comply with Section 404 of the Sarbanes-Oxley Act of 2002 (the "Sarbanes-Oxley Act"). We may not be able to complete our evaluation, testing and any required remediation in a timely fashion. During the evaluation and testing process, if we identify one or more material weaknesses in our internal control over financial reporting, we will be unable to assert that our internal controls are effective.
We do not expect that disclosure controls or internal controls over financial reporting will prevent all errors and all fraud. A control system, no matter how well designed and operated, can provide only reasonable, not absolute, assurance that the control system’s objectives will be met. If we are unable to assert that our internal control over financial reporting is effective,
30
we could lose investor confidence in the accuracy and completeness of our financial reports, which would cause the price of our common stock to decline, and we may be subject to investigation or sanctions by the SEC.
We are required, pursuant to Section 404 of the Sarbanes-Oxley Act to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting as of the end of our fiscal year. This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting.
We are required to disclose changes made in our internal controls and procedures on a quarterly basis. However, our independent registered public accounting firm will not be required to report on the effectiveness of our internal control over financial reporting pursuant to Section 404 of the Sarbanes-Oxley Act until the date we are no longer an "emerging growth company" as defined in the Jumpstart Our Business Startups Act of 2012 (the "JOBS Act"). At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our controls are documented, designed or operating. Our remediation efforts may not enable us to avoid a material weakness in the future.
Additionally, to comply with the requirements of being a public company, we may need to undertake various actions, such as implementing new internal controls and procedures and hiring accounting or internal audit staff, which may adversely affect our operating results and financial condition.
If our solutions do not interoperate with our end-customers’ infrastructure, sales of our solutions could be negatively affected, which would harm our business.
Our solutions must interoperate with our end-customers’ existing infrastructure, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors, and contain multiple generations of products that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. Any delays in identifying the sources of problems or in providing necessary modifications to our software or hardware could have a negative impact on our reputation and our customers’ satisfaction with our solutions, and our ability to sell solutions could be adversely affected. In addition, customers may require our solutions to comply with certain security or other certifications and standards. If our solutions are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our solutions to such end-customers, or at a competitive disadvantage, which would harm our business, operating results and financial condition.
If our solutions fail to help our customers achieve and maintain compliance with government regulations and industry standards, our business and operating results could be materially adversely affected.
We generate a portion of our revenues from our solutions because they help organizations achieve and maintain compliance with government regulations and industry standards. For example, many of our customers purchase our security and data protection solutions to help them comply with the security standards developed and maintained by the Payment Card Industry Security Standards Council (the "PCI Council"), which apply to companies that process or store credit card information. Industry organizations like the PCI Council may significantly change their security standards with little or no notice, including changes that could make their standards more or less onerous for businesses. Governments may also adopt new laws or regulations, or make changes to existing laws or regulations, that could impact whether our solutions enable our customers to demonstrate, maintain or audit their compliance. If we are unable to adapt our solutions to changing regulatory standards in a timely manner, or if our solutions fail to expedite our customers’ compliance initiatives, our customers may lose confidence in our solutions and could switch to solutions offered by our competitors. In addition, if regulations and standards related to data security are changed in a manner that makes them less onerous, our customers may view government and industry regulatory compliance as less critical to their businesses, and our customers may be less willing to purchase our solutions. In either case, our business, financial condition and operating results may suffer.
Our sales to government entities are subject to a number of challenges and risks.
We sell to state and local governmental agency customers, particularly schools, and we may increase sales to government entities in the future. Sales to government entities are subject to a number of challenges and risks. Selling to government entities can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. Government certification requirements for solutions like ours may change and in doing so restrict our ability to sell into the federal government sector until we have attained the revised certification. Government demand and payment for our solutions may be impacted by public sector budgetary cycles and funding
31
authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions. Government entities may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future operating results.
Our failure to generate the significant capital necessary to expand our operations and invest in new solutions could reduce our ability to compete and could harm our business.
We may need to raise additional funds in the future, and we may not be able to obtain additional debt or equity financing on favorable terms, if at all. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in debt financing, the holders of debt would have priority over the holders of our common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness. We may also be required to take other actions that would otherwise be in the interests of the debt holders and force us to maintain specified liquidity or other ratios, any of which could harm our business, operating results and financial condition. If we need additional capital and cannot raise it on acceptable terms, we may not be able to, among other things:
• | develop or enhance our solutions; |
• | continue to expand our sales and marketing and research and development organizations; |
• | acquire or invest in complementary businesses, solutions or technologies; |
• | expand operations in the United States or internationally; |
• | hire, train and retain employees; or |
• | respond to competitive pressures or unanticipated working capital requirements. |
Our failure to do any of these things could adversely affect our business, financial condition and operating results.
We are exposed to the credit risk of some of our distributors, resellers and customers and to credit exposure in weakened markets, which could result in material losses.
Most of our sales are on an open credit basis. Although we have programs in place that are designed to monitor and mitigate these risks, and our broad customer base and channel partner network mitigate these risks, we cannot assure you these programs will be effective in reducing our credit risks, especially as we expand our business internationally. Additionally, as our accounts receivable continue to increase, these risks, including the risk of doubtful accounts, will be exacerbated. If we are unable to adequately control these risks, our business, operating results and financial condition could be adversely affected.
If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our operating results could fall below expectations of securities analysts and investors, resulting in a decline in our stock price.
The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in the condensed consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying values of assets and liabilities that are not readily apparent from other sources. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in our stock price. Significant assumptions and estimates used in preparing our condensed consolidated financial statements include those related to revenue recognition, stock-based compensation expense, valuation of inventory and accounting for income taxes.
Unanticipated changes in effective tax rates or adverse outcomes resulting from examination of our income or other tax returns could adversely affect our operating results and financial condition.
We are subject to income taxes in the United States and various foreign jurisdictions, and our domestic and international tax liabilities will be subject to the allocation of expenses in differing jurisdictions. Our future effective tax rates could be subject to volatility or adversely affected by a number of factors, including:
32
• | changes in the valuation of our deferred tax assets and liabilities; |
• | expected timing and amount of the release of tax valuation allowances; |
• | detrimental changes in research and development tax credit laws; |
• | tax effects of stock-based compensation; |
• | costs related to intercompany restructurings; |
• | changes in tax laws, regulations, accounting principles or interpretations thereof; or |
• | future earnings being lower than anticipated in countries where we have lower statutory tax rates and higher than anticipated earnings in countries where we have higher statutory tax rates. |
In addition, we may be subject to audits of our income and sales taxes by the Internal Revenue Service and other foreign and state tax authorities. Outcomes from these audits could have an adverse effect on our operating results and financial condition.
The nature of our business requires the application of complex revenue and expense recognition rules and the current legislative and regulatory environment affecting generally accepted accounting principles is uncertain. Significant changes in current principles could affect our financial statements going forward and changes in financial accounting standards or practices may cause adverse, unexpected financial reporting fluctuations and harm our operating results.
The accounting rules and regulations that we must comply with are complex and subject to interpretation by the Financial Accounting Standards Board ("FASB"), the SEC and various bodies formed to promulgate and interpret appropriate accounting principles. Recent actions and public comments from the FASB and the SEC have focused on the integrity of financial reporting and internal controls. In addition, many companies’ accounting policies are being subject to heightened scrutiny by regulators and the public. Changes in financial accounting standards or practices can have a significant effect on our reported results and may even affect our reporting of transactions completed before the change is effective. New accounting pronouncements and varying interpretations of accounting pronouncements have occurred and may occur in the future that could materially impact our financial statements. For example, the FASB issued an accounting standards update related to revenue from contracts with customers, which supersedes the revenue recognition requirements in the current Accounting Standards Codification.
We are in the early stages of our evaluation of the impact of the new standard on our accounting policies, processes and system requirements and have not made a final decision regarding the adoption method. Our final determination will depend on a number of factors, such as the significance of the impact of the new standard on our financial results, system readiness, and our ability to accumulate and analyze the information necessary to assess the impact on prior period financial statements, as necessary. While we continue to assess the potential impacts of the new standard, we anticipate this standard could have an impact on our consolidated financial statements. However, we cannot reasonably estimate quantitative information related to the impact of the new standard on our financial statements at this time. The application of this new guidance may result in a change in the timing and pattern of revenue recognition. We cannot predict the impact of future changes to accounting principles or our accounting policies on our financial statements going forward, which could have a significant effect on our reported financial results, and could affect the reporting of transactions completed before the announcement of the change. In addition, if we were to change our critical accounting estimates, including those related to the recognition of revenue, our operating results could be significantly affected.
Our business is subject to the risks of earthquakes, fire, power outages, floods and other catastrophic events and to interruption by man-made problems such as terrorism.
A significant natural disaster, such as an earthquake, fire, flood or significant power outage could have a material adverse impact on our business, operating results and financial condition. Both our corporate headquarters and the location where our solutions are manufactured are located in the San Francisco Bay Area, a region known for seismic activity. In addition, natural disasters could affect our supply chain, manufacturing vendors, logistics providers’ or data center hosting providers’ ability to provide materials and perform services on a timely basis. In the event our or our service providers’ IT systems or manufacturing or logistics abilities are hindered by any of the events discussed above, shipments could be delayed, and our solutions could become unavailable resulting in missed financial targets, such as revenue and shipment targets, for a particular quarter. In addition, acts of terrorism and other geo-political unrest could cause disruptions in our business or the business of our supply
33
chain, manufacturers, logistics providers, partners or customers or the economy as a whole. Any disruption in the business of our supply chain, manufacturers, logistics providers, data center hosting partners or customers that impacts sales at the end of a fiscal quarter could have a significant adverse impact on our quarterly results. All of the aforementioned risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, or the delay in the manufacture, deployment or shipment of our solutions, our business, financial condition and operating results would be adversely affected.
If we fail to comply with environmental requirements, our business, financial condition, operating results and reputation could be adversely affected.
We are subject to various environmental laws and regulations including laws governing the hazardous material content of our solutions and laws relating to the collection of and recycling of electrical and electronic equipment. Examples of these laws and regulations include the EU Restrictions of Hazardous Substances Directive (the "RoHS Directive") and the EU Waste Electrical and Electronic Equipment Directive (the "WEEE Directive"), as well as the implementing legislation of the EU member states. Similar laws and regulations have been passed or are pending in China, South Korea, Norway and Japan and may be enacted in other regions, including in the United States, and we are, or may in the future be, subject to these laws and regulations.
The RoHS Directive and the similar laws of other jurisdictions ban the use of certain hazardous materials such as lead, mercury and cadmium in the manufacture of electrical equipment, including our solutions. Currently, we and other manufacturers of our hardware appliances and major component part suppliers comply with the RoHS Directive requirements. However, if there are changes to this or other laws (or their interpretation) or if new similar laws are passed in other jurisdictions, we may be required to re-engineer our solutions to use components compatible with these regulations. This re-engineering and component substitution could result in additional costs to us or disrupt our operations or logistics.
The WEEE Directive requires electronic goods producers to be responsible for the collection, recycling and treatment of such solutions. Changes in interpretation of the directive may cause us to incur costs or have additional regulatory requirements to meet in the future in order to comply with this directive, or with any similar laws adopted in other jurisdictions.
Our failure to comply with past, present and future similar laws could result in reduced sales of our solutions, inventory write-offs, reputational damage, penalties and other sanctions, any of which could harm our business and financial condition. We also expect that our solutions will be affected by new environmental laws and regulations on an ongoing basis. To date, our expenditures for environmental compliance have not had a material impact on our results of operations or cash flows, and although we cannot predict the future impact of such laws or regulations, they will likely result in additional costs and may increase penalties associated with violations or require us to change the content of our solutions or how they are manufactured, which could have a material adverse effect on our business, operating results and financial condition.
Regulations related to conflict minerals may cause us to incur additional expenses and could limit the supply and increase the costs of certain metals used in the manufacturing of our appliances.
As a public company, we are subject to certain requirements under the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the "Dodd-Frank Act") that require us to diligence, disclose and report whether or not our appliances contain conflict minerals. As a recently public company, we filed our initial report with respect to conflict minerals in May 2016 for the 2015 calendar year. The implementation of these requirements could adversely affect the sourcing, availability and pricing of the materials used in the manufacture of components used in our solutions. In addition, we will incur additional costs to comply with the disclosure requirements, including costs related to conducting diligence procedures to determine the sources of conflict minerals that may be used or necessary to the production of our appliances and, if applicable, potential changes to appliances, processes or sources of supply as a consequence of such verification activities. It is also possible that we may face reputational harm if we determine that certain of our appliances contain minerals not determined to be conflict free or if we are unable to alter our appliances, processes or sources of supply to avoid such materials.
34
Risks Related to Ownership of Our Common Stock
Our actual operating results may differ significantly from our guidance.
From time to time, we have released, and may continue to release guidance in our quarterly earnings conference call, quarterly earnings releases, or otherwise, regarding our future performance that represents our management’s estimates as of the date of release. This guidance, which includes forward-looking statements, has been and will be based on projections prepared by our management. These projections are not prepared with a view toward compliance with published guidelines of the American Institute of Certified Public Accountants, and neither our registered public accountants nor any other independent expert or outside party compiles or examines the projections. Accordingly, no such person expresses any opinion or any other form of assurance with respect to the projections.
Projections are based upon a number of assumptions and estimates that, while presented with numerical specificity, are inherently subject to significant business, economic and competitive uncertainties and contingencies, many of which are beyond our control and are based upon specific assumptions with respect to future business decisions, some of which will change. We intend to state possible outcomes as high and low ranges which are intended to provide a sensitivity analysis as variables are changed but are not intended to imply that actual results could not fall outside of the suggested ranges. The principal reason that we release guidance is to provide a basis for our management to discuss our business outlook with analysts and investors. We do not accept any responsibility for any projections or reports published by any such third parties.
Guidance is necessarily speculative in nature, and it can be expected that some or all of the assumptions underlying the guidance furnished by us will not materialize or will vary significantly from actual results. Accordingly, our guidance is only an estimate of what management believes is realizable as of the date of release. Actual results may vary from our guidance and the variations may be material. We undertake no obligation to make revisions or publicly update our guidance in advance of actual results unless required by law. In light of the foregoing, investors are urged to consider all of the information we make publicly available in making an investment decision regarding our common stock and not rely solely upon our guidance.
Any failure to successfully implement our operating strategy or the occurrence of any of the events or circumstances set forth in this "Risk Factors" section could result in the actual operating results being different from our guidance, and the differences may be adverse and material.
We cannot assure you that our stock repurchase program will result in additional repurchases of our common stock or enhance long-term stockholder value, and repurchases, if any, could affect our stock price and increase its volatility and will diminish our cash reserves.
In September 2015, our board of directors authorized a stock repurchase program. Under this program, we are authorized to repurchase shares of our own common stock for an aggregate purchase price not to exceed $50.0 million through September 30, 2017. Although our board of directors has authorized the stock repurchase program, the stock repurchase program does not obligate us to repurchase any specific dollar amount or to acquire any specific number of shares. Stock will be purchased from time to time, in the open market or through private transactions, subject to market condition, in compliance with applicable state and federal securities laws. The timing and amount of repurchases, if any, will depend upon several factors, including market and business conditions, the trading price of our common stock and the nature of other investment opportunities. As of February 28, 2017, we had purchased approximately 2.0 million shares of common stock under this program at a weighted average price of $13.40 per share for an aggregate purchase price of $26.8 million.
Our stock repurchase program could affect our stock price and increase its volatility and will reduce the market liquidity for our stock. Additionally, our stock repurchase program could diminish our cash reserves, which may impact our ability to finance future growth and to pursue possible future strategic opportunities and acquisitions. There can be no assurance that any repurchases will enhance stockholder value because the market price of our common stock may decline below the levels at which we repurchased shares of stock. Although our stock repurchase program is intended to enhance long-term stockholder value, short-term stock price fluctuations could reduce the effectiveness of these repurchases.
Our share price has been and may continue to be volatile, and you may be unable to sell your shares at or above the price at which you purchased your stock.
Technology stocks have historically experienced high levels of volatility. The trading price of our common stock has been and is likely to continue to be highly volatile and subject to wide fluctuations in response to various factors, some of which are beyond our control and may not be related to our operating performance. Furthermore, our stock repurchase program could affect our stock price and increase its volatility and will reduce the market liquidity for our stock. Since shares of our common
35
stock were sold in our initial public offering in November 2013 at a price of $18.00 per share, the reported high and low sales prices of our common stock have ranged from $9.44 to $46.78 through February 28, 2017. These fluctuations could cause you to lose all or part of your investment in our common stock. Factors that may cause the market price of our common stock to fluctuate include:
• | price and volume fluctuations in the overall stock market from time to time; |
• | significant volatility in the market price and trading volume of technology companies in general, and of companies in our industry; |
• | actual or anticipated changes in our results of operations or fluctuations in our operating results; |
• | whether our operating results meet the expectations of securities analysts or investors; |
• | actual or anticipated changes in the expectations of investors or securities analysts; |
• | actual or anticipated developments in our competitors’ businesses or the competitive landscape generally; |
• | developments or disputes concerning our intellectual property or other proprietary rights; |
• | litigation or investigations involving us, our industry or both; |
• | regulatory developments in the United States, foreign countries or both; |
• | general economic conditions and trends; |
• | major catastrophic events; |
• | our stock repurchase program; |
• | sales of large blocks of our stock; or |
• | major changes in our board of directors or management or departures of key personnel. |
In addition, if the market for technology stocks, or the stock market in general, experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, operating results or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us.
In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. If our stock price is volatile, we may become the target of securities litigation. Securities litigation could result in substantial costs and divert our management’s attention and resources from our business, and this could have a material adverse effect on our business, operating results and financial condition.
Sales of outstanding shares of our common stock into the market in the future could cause the market price of our common stock to drop significantly.
If our existing stockholders sell, or indicate an intent to sell, substantial amounts of our common stock in the public market, the trading price of our common stock could decline. As of February 28, 2017, there were 52,897,128 shares of common stock outstanding. All outstanding shares are freely tradable, unless such shares are held by "affiliates," as that term is defined in Rule 144 of the Securities Act of 1933, as amended.
In addition, we have filed registration statements on Form S-8 to register all shares subject to outstanding options and restricted stock units or reserved for future issuance under our equity compensation plans. If these additional shares are sold, or if it is perceived that they will be sold, in the public market, the trading price of our common stock could decline.
If securities analysts do not publish research or reports about our business, or if they downgrade our stock, the price of our stock could decline.
36
The trading market for our common stock could be influenced by any research and reports that securities or industry analysts publish about us or our business. In the event securities analysts who cover our company downgrade our stock or publish inaccurate or unfavorable research about our business, our stock price would likely decline. If one or more of these analysts cease coverage of our company or fail to publish reports on us regularly, demand for our stock could decrease, which could cause our stock price and trading volume to decline.
The requirements of being a public company may strain our resources, divert management’s attention and affect our ability to attract and retain executive management and qualified board members.
As a public company, we are subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, the Dodd-Frank Act, the listing requirements of the New York Stock Exchange (the "NYSE") and other applicable securities rules and regulations. Compliance with these rules and regulations will increase our legal and financial compliance costs, make some activities more difficult, time-consuming or costly and increase demand on our systems and resources, particularly after we are no longer an "emerging growth company," as defined in the JOBS Act. The Exchange Act requires, among other things, that we file annual, quarterly and current reports with respect to our business and operating results. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. In order to maintain and, if required, improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, significant resources and management oversight may be required. As a result, management’s attention may be diverted from other business concerns, which could adversely affect our business and operating results. Although we have already hired additional employees to comply with these requirements, we may need to hire more employees in the future or engage outside consultants, which will increase our costs and expenses.
In addition, changing laws, regulations and standards relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time consuming. These laws, regulations and standards are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as new guidance is provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment may result in increased general and administrative expenses and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies due to ambiguities related to their application and practice, regulatory authorities may initiate legal proceedings against us, and our business may be adversely affected. However, for as long as we remain an "emerging growth company," we may take advantage of certain exemptions from various reporting requirements that are applicable to public companies that are not "emerging growth companies" including, but not limited to, not being required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. We may take advantage of these reporting exemptions until we are no longer an "emerging growth company."
We will cease to be an "emerging growth company" upon the earliest of: (i) the end of our fiscal year 2019, (ii) the beginning of our first fiscal year after our annual gross revenues are $1.0 billion or more, (iii) the date on which we have, during the previous three-year period, issued more than $1.0 billion in non-convertible debt securities or (iv) as of the end of any fiscal year in which the market value of our common stock held by non-affiliates exceeded $700 million as of the end of the second quarter of that fiscal year.
As a public company, our business and financial condition have become more visible, which we believe may result in threatened or actual litigation, including by competitors and other third parties. If such claims are successful, our business and operating results could be adversely affected, and even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve them, could divert the resources of our management and adversely affect our business and operating results.
We are an "emerging growth company," and we cannot be certain if the reduced disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.
We are an "emerging growth company," as defined in the JOBS Act, and we may take advantage of certain exemptions from various reporting requirements that are applicable to public companies that are not "emerging growth companies" including, but not limited to, not being required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, reduced disclosure obligations regarding executive compensation in our periodic reports and proxy
37
statements, and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. We cannot predict if investors will find our common stock less attractive because we may rely on these exemptions. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock, and our stock price may be more volatile.
We do not intend to pay dividends for the foreseeable future.
We anticipate that we will retain all of our future earnings for use in the development of our business and for general corporate purposes. Any determination to pay dividends in the future will be at the discretion of our board of directors. In addition, our existing credit facility restricts and any future indebtedness may restrict our ability to pay dividends. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments. Investors seeking cash dividends should not purchase our common stock.
We have incurred and will continue to incur increased costs as a result of being a public company.
As a public company, we have incurred and will continue to incur significant legal, accounting and other expenses that we did not incur as a private company. In addition, rules implemented by the SEC and the NYSE require certain corporate governance practices by public companies. These rules and regulations increase our legal and financial compliance costs and make some activities more time-consuming and costly. We also incur additional costs associated with our public company reporting requirements. These rules and regulations may also make it more difficult and more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced policy limits and coverage or incur substantially higher costs to obtain the same or similar coverage. As a result, it may be more difficult for us to attract and retain qualified people to serve on our board of directors or as executive officers.
Provisions in our certificate of incorporation and bylaws and under Delaware law might discourage, delay or prevent a change of control of our company or changes in our management and, therefore, depress the trading price of our common stock.
Our amended and restated certificate of incorporation and amended and restated bylaws contain provisions that could depress the trading price of our common stock by acting to discourage, delay or prevent a change of control of our company or changes in our management that the stockholders of our company may deem advantageous. These provisions:
• | establish a classified board of directors so that not all members of our board of directors are elected at one time; |
• | authorize the issuance of "blank check" preferred stock that our board of directors could issue to increase the number of outstanding shares to discourage a takeover attempt; |
• | prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders; |
• | prohibit stockholders from calling a special meeting of our stockholders; |
• | provide that the board of directors is expressly authorized to make, alter or repeal our bylaws; |
• | establish advance notice requirements for nominations for elections to our board of directors or for proposing matters that can be acted upon by stockholders at stockholder meetings; and |
• | provide that a state or federal court located within the State of Delaware will be the exclusive forum for any derivative action brought on our behalf, any action asserting a breach of fiduciary duty, any action asserting a claim against us arising under the Delaware General Corporation Law and certain other claims. |
Additionally, we are subject to Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any "interested" stockholder for a period of three years following the date on which the stockholder became an "interested" stockholder and which may discourage, delay or prevent a change of control of our company.
The provisions of our amended and restated certificate of incorporation and amended and restated bylaws may frustrate or prevent attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. The
38
provisions of our amended and restated certificate of incorporation and amended and restated bylaws or Delaware law may also have the effect of delaying or deterring a change in control, which could limit the opportunity for our stockholders to receive a premium for their shares of our common stock, and could also affect the price that some investors are willing to pay for our common stock.
Item 1B. Unresolved Staff Comments
None.
Item 2. Properties
Our principal executive offices consist of approximately 61,400 square feet of office space that we own in Campbell, California. We also lease approximately 42,000 square feet of office space for research and development in Ann Arbor, Michigan and approximately 47,000 square feet of office space for manufacturing and customer support in San Jose, California, with leases that expire in October 2017 and August 2018, respectively. We have additional office locations throughout the United States and in various international locations.
We believe that our existing facilities are adequate and sufficient for our current needs. We intend to add new facilities and expand our existing facilities as we add employees and grow our business, and we believe that additional or substitute space will be available on commercially reasonable terms to meet our future needs.
Item 3. Legal Proceedings
On April 18, 2016, R. David Hunt, as Seller Representative of the shareholders of C2C Systems Limited ("C2C"), filed a lawsuit against us in the Court of Chancery of the State of Delaware, for alleged breach of contract of the Share Purchase Agreement dated August 13, 2014, pursuant to which we acquired all of the assets and liabilities of C2C. On February 15, 2017, the parties entered into a settlement agreement in which we agreed to pay $1.25 million to the shareholders of C2C in exchange for a settlement of all claims under the Share Purchase Agreement. On February 17, 2017, the case was dismissed with prejudice.
On February 27, 2017, Realtime Data LLC filed a lawsuit against us in the United States District Court for the Eastern District of Texas, Tyler Division, alleging that certain of our products infringe U.S. patent numbers 9,054,728, 7,415,530, 9,116,908 and 8,717,204. We responded to the complaint on April 24, 2017. Given the early stage of the matter, we are unable to estimate a possible loss or range of possible loss, if any.
We may, from time to time, be party to litigation and subject to claims that arise in the ordinary course of business. In addition, third parties may, from time to time, assert claims against us in the form of letters and other communications. We currently believe that these ordinary course matters will not have a material adverse effect on our business, consolidated financial position, results of operations or cash flows; however, the results of litigation and claims are inherently unpredictable. Regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.
Item 4. Mine Safety Disclosures
Not applicable.
39
PART II
Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities
Market Information
Our common stock is listed on the NYSE under the symbol "CUDA." The following table sets forth for the periods indicated the high and low sales prices of our common stock as reported on the NYSE.
Fiscal 2016 | Fiscal 2017 | ||||||||||||||||||||||||||||||
Q1 | Q2 | Q3 | Q4 | Q1 | Q2 | Q3 | Q4 | ||||||||||||||||||||||||
High | $ | 46.78 | $ | 43.22 | $ | 29.99 | $ | 19.88 | $ | 18.60 | $ | 23.90 | $ | 26.69 | $ | 25.66 | |||||||||||||||
Low | $ | 35.25 | $ | 21.85 | $ | 14.77 | $ | 9.44 | $ | 12.87 | $ | 13.91 | $ | 21.85 | $ | 20.64 |
On February 28, 2017, the last reported sale price of our common stock on the NYSE was $23.66 per share.
Holders of Record
As of March 31, 2017, there were 91 holders of record of our common stock. Because many of our shares of common stock are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these record holders.
Dividend Policy
We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends on our common stock in the foreseeable future, if at all. Additionally, our ability to pay dividends on our common stock is limited by restrictions on our ability to pay dividends or make distributions under the terms of our existing credit facility. Any future determination to declare dividends will be made at the discretion of our board of directors and will depend on our financial condition, operating results, capital requirements, general business conditions and other factors that our board of directors may deem relevant.
Issuer Purchases of Equity Securities
In September 2015, our board of directors authorized a stock repurchase program. Under the program, we are authorized to repurchase shares of our common stock for an aggregate purchase price not to exceed $50.0 million through September 30, 2017. We began repurchasing common stock in the third quarter of fiscal 2016 and no shares were purchased other than through our stock repurchase program.
The following table summarizes all stock repurchases under our publicly announced stock repurchase program for the periods presented (in thousands, except per share data):
Total Number of Shares | Average Price Paid Per Share | Maximum Dollar Value of
Shares That May Yet Be
Purchased Under Our
Program | ||||||||
December 1, 2016 to December 31, 2016 | — | $ | — | $ | 23,543 | |||||
January 1, 2017 to January 31, 2017 | 16 | $ | 21.83 | $ | 23,188 | |||||
February 1, 2017 to February 28, 2017 | — | $ | — | $ | 23,188 | |||||
16 | $ | 21.83 |
Stock Performance Graph
The following shall not be deemed "filed" for purposes of Section 18 of the Exchange Act, or incorporated by reference into any of our other filings under the Exchange Act or the Securities Act of 1933, as amended, except to the extent we specifically incorporate it by reference into such filing.
40
The following graph compares the cumulative total return of our common stock with the total return for the NYSE Composite Index and the Standard & Poor’s 500 Index (the "S&P 500") from November 6, 2013 through February 28, 2017. The graph assumes that $100 was invested on November 6, 2013 in our common stock, the NYSE Composite Index and the S&P 500, and assumes reinvestment of any dividends. The stock price performance on the following graph is not necessarily indicative of future stock price performance.
Recent Sales of Unregistered Securities
None.
Securities Authorized for Issuance Under Equity Compensation Plans
See Item 12, "Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters" for information regarding securities authorized for issuance.
41
Item 6. Selected Financial Data
The following selected historical financial data below should be read in conjunction with Item 7, "Management’s Discussion and Analysis of Financial Condition and Results of Operations," our financial statements and the accompanying notes appearing in Item 8, "Financial Statements and Supplementary Data," of this Annual Report on Form 10-K to fully understand factors that may affect the comparability of the information presented below.
The statements of operations data for fiscal 2017, 2016 and 2015 and the balance sheet data as of February 28, 2017 and February 29, 2016 are derived from our audited financial statements appearing in Item 8, "Financial Statements and Supplementary Data," of this Annual Report on Form 10-K. The statements of operations for fiscal 2014 and 2013 and the balance sheet data as of February 28, 2015, 2014 and 2013 are derived from audited financial statements not included in this Annual Report on Form 10-K. Our historical results are not necessarily indicative of the results to be expected in the future.
Year Ended February 28/29, | |||||||||||||||||||
2017 | 2016 | 2015 | 2014 | 2013 | |||||||||||||||
(in thousands, except per share data) | |||||||||||||||||||
Consolidated Statements of Operations Data: | |||||||||||||||||||
Revenue: | |||||||||||||||||||
Appliance | $ | 82,732 | $ | 89,275 | $ | 83,146 | $ | 71,914 | $ | 59,528 | |||||||||
Subscription | 269,917 | 230,883 | 194,300 | 161,873 | 139,403 | ||||||||||||||
Total revenue | 352,649 | 320,158 | 277,446 | 233,787 | 198,931 | ||||||||||||||
Cost of revenue (1) | 83,772 | 70,132 | 58,667 | 53,768 | 45,088 | ||||||||||||||
Gross profit | 268,877 | 250,026 | 218,779 | 180,019 | 153,843 | ||||||||||||||
Operating expenses: | |||||||||||||||||||
Research and development (1) | 75,070 | 71,251 | 58,737 | 47,142 | 35,167 | ||||||||||||||
Sales and marketing (1) | 129,707 | 138,324 | 125,526 | 114,024 | 102,329 | ||||||||||||||
General and administrative (1) | 42,042 | 47,338 | 35,438 | 29,856 | 28,777 | ||||||||||||||
Total operating expenses | 246,819 | 256,913 | 219,701 | 191,022 | 166,273 | ||||||||||||||
Income (loss) from operations | 22,058 | (6,887 | ) | (922 | ) | (11,003 | ) | (12,430 | ) | ||||||||||
Other income (expense), net | (70 | ) | (262 | ) | (3,674 | ) | 51 | (839 | ) | ||||||||||
Income (loss) before income taxes and non-controlling interest | 21,988 | (7,149 | ) | (4,596 | ) | (10,952 | ) | (13,269 | ) | ||||||||||
Benefit from (provision for) income taxes (2) | (11,753 | ) | 2,727 | (62,902 | ) | 6,565 | 5,084 | ||||||||||||
Consolidated net income (loss) | 10,235 | (4,422 | ) | (67,498 | ) | (4,387 | ) | (8,185 | ) | ||||||||||
Net loss attributable to non-controlling interest | — | — | — | 761 | 794 | ||||||||||||||
Net income (loss) attributable to Barracuda Networks, Inc. | $ | 10,235 | $ | (4,422 | ) | $ | (67,498 | ) | $ | (3,626 | ) | $ | (7,391 | ) | |||||
Net income (loss) attributable to common stockholders | $ | 10,235 | $ | (4,422 | ) | $ | (67,498 | ) | $ | (3,626 | ) | $ | (9,203 | ) | |||||
Net income (loss) per share attributable to common stockholders: | |||||||||||||||||||
Basic | $ | 0.20 | $ | (0.08 | ) | $ | (1.30 | ) | $ | (0.10 | ) | $ | (0.29 | ) | |||||
Diluted | $ | 0.19 | $ | (0.08 | ) | $ | (1.30 | ) | $ | (0.10 | ) | $ | (0.29 | ) | |||||
Weighted-average shares used to compute net income (loss) per share attributable to common stockholders: | |||||||||||||||||||
Basic | 52,456 | 53,070 | 51,898 | 35,355 | 32,031 | ||||||||||||||
Diluted | 53,572 | 53,070 | 51,898 | 35,355 | 32,031 |
_________________
(1) | Includes stock-based compensation expense as follows: |
42
Year Ended February 28/29, | |||||||||||||||||||
2017 | 2016 | 2015 | 2014 | 2013 | |||||||||||||||
(in thousands) | |||||||||||||||||||
Cost of revenue | $ | 1,367 | $ | 1,062 | $ | 389 | $ | 201 | $ | 146 | |||||||||
Research and development | 11,651 | 8,247 | 4,410 | 2,374 | 2,059 | ||||||||||||||
Sales and marketing | 8,074 | 6,566 | 3,811 | 2,067 | 1,182 | ||||||||||||||
General and administrative | 11,613 | 12,971 | 8,448 | 6,195 | 5,400 | ||||||||||||||
$ | 32,705 | $ | 28,846 | $ | 17,058 | $ | 10,837 | $ | 8,787 |
(2) | In the fourth quarter of fiscal 2015, a valuation allowance was established against a significant portion of our deferred tax assets, including U.S. federal and state deferred tax assets, as well as certain foreign deferred tax assets, because realization of these tax benefits through future taxable income did not meet the more-likely-than-not threshold. |
February 28/29, | |||||||||||||||||||
2017 | 2016 | 2015 | 2014 | 2013 | |||||||||||||||
(in thousands) | |||||||||||||||||||
Consolidated Balance Sheet Data: | |||||||||||||||||||
Cash, cash equivalents and marketable securities | $ | 200,109 | $ | 155,048 | $ | 192,127 | $ | 135,879 | $ | 31,645 | |||||||||
Working capital (deficit) (1) | $ | 13,524 | $ | (41,875 | ) | $ | 29,070 | $ | 30,456 | $ | (67,797 | ) | |||||||
Total assets (1) | $ | 464,774 | $ | 419,804 | $ | 389,345 | $ | 350,056 | $ | 212,248 | |||||||||
Deferred revenue, current and non-current | $ | 407,082 | $ | 392,774 | $ | 373,157 | $ | 313,157 | $ | 261,243 | |||||||||
Note payable, current and non-current | $ | 4,115 | $ | 4,383 | $ | 4,635 | $ | 4,872 | $ | 5,094 | |||||||||
Redeemable convertible preferred stock | $ | — | $ | — | $ | — | $ | — | $ | 167,554 | |||||||||
Common stock and additional paid-in capital | $ | 370,798 | $ | 337,491 | $ | 316,088 | $ | 278,603 | $ | 23,108 | |||||||||
Total stockholders’ equity (deficit) (1) | $ | 6,423 | $ | (32,098 | ) | $ | (39,084 | ) | $ | (5,655 | ) | $ | (259,620 | ) |
(1) | In the fourth quarter of fiscal 2015, a valuation allowance was established against a significant portion of our deferred tax assets, including U.S. federal and state deferred tax assets, as well as certain foreign deferred tax assets, because realization of these tax benefits through future taxable income did not meet the more-likely-than-not threshold. |
43
Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations
You should read the following discussion and analysis of our financial condition and results of operations together with the consolidated financial statements and related notes that are included elsewhere in this Annual Report on Form 10-K. The last day of our fiscal year is February 28/29. Our fiscal quarters end on May 31, August 31, November 30 and February 28/29. This discussion contains forward-looking statements based upon current expectations that involve risks and uncertainties. Our actual results may differ materially from those anticipated in these forward-looking statements as a result of various factors, including those set forth above in the section titled "Risk Factors" and elsewhere in this Annual Report on Form 10-K.
Overview
Barracuda designs and delivers powerful yet easy-to-use security and data protection solutions. We offer cloud-enabled solutions that empower customers to address security threats, improve network performance and protect and store their data. Our security platform helps customers simplify their IT operations and address their most pressing security needs even as they adopt new deployment models and move applications, data and workloads to the cloud. Our business model is built on the core values of speed and agility, which we apply to all aspects of our approach, including our technology innovations, the delivery and deployment of our solutions and responses to customer inquiries.
We derive revenue from sales of appliances and subscriptions. Revenue from the sale of our appliances includes hardware and a perpetual license. Subscription revenue is generated primarily from our subscription services such as our Barracuda Energize Updates and our cloud solutions. Subscription revenue also includes revenue from fixed term licenses of our managed service provider solutions, virtual appliance software, support and maintenance. Our subscriptions include monthly and annual terms ranging from one to five years, the substantial majority of which are for one-year periods. Subscriptions are billed in advance of the purchased subscription period. Renewal rates from subscriptions, on a dollars basis, have been 92%, 93% and 94% in fiscal 2017, 2016 and 2015, respectively. Subscription annual recurring revenue, which is the annualized dollar amount of recurring subscription revenue in the final month of the fiscal year, increased to $286.3 million for fiscal 2017 from $255.0 million for fiscal 2016.
The growth of our business and our future success depend on many factors, including our ability to continue to expand our customer base, pursue cross-sale opportunities and grow revenues from our existing customer base, expand our distribution channels, particularly internationally, continue to develop new solutions to promptly respond to our customers’ needs and successfully integrate acquisitions into our business. In aligning our investments, product portfolio and routes to market to address our customers' growing adoption of public cloud, SaaS and managed service IT deployment models, we provide a security platform that spans email, management, network and application security as well as data protection, all of which can be deployed and centrally managed across diverse and distributed architectures. As our existing customers’ IT buying needs evolve, or as our customers realize the benefits of the solutions that they previously purchased, our platform provides us an opportunity to cross-sell additional solutions. To support our cross-sell efforts, we intend to continue adding higher touch sales and marketing field resources to liaise with our channel partners as we continue to grow our sales both domestically and internationally. We expect that our continued investment in resources to expand our cross-sell efforts to existing customers will result in longer-term revenue growth opportunities.
In addition to our cross-sell efforts, our sales and marketing initiatives are primarily focused on higher-growth segments within the security and data protection markets. Our future success will depend in part on our ability to continue to timely identify these higher-growth segments and expand our sales within them. While these areas represent significant opportunities for us, they also pose risks and challenges that we must successfully address in order to sustain the growth of our business and improve our operating results.
Furthermore, our business depends on the overall demand for security and data protection solutions. Weak global economic conditions, particularly market and financial uncertainty and instability in the United States and Europe, or a reduction in security and data protection solution spending even if general economic conditions are unaffected, could adversely impact our business, financial condition and operating results in a number of ways. Additionally, we face significant competition across all of our market segments, and must continue to execute across all functions and add qualified personnel to succeed.
Our Business Model
We generally invoice at the time of sale for the total price of the solutions we deliver, and we typically collect cash in 30 to 60 days. We refer to the total amount of invoices we issue in a period as gross billings. All of the gross billings we record are recognized as revenue ratably under U.S. generally accepted accounting principles ("GAAP"), once all revenue recognition
44
criteria have been met. Gross billings are initially recorded as deferred revenue, less reserves. The hardware appliance component of our gross billings is recognized ratably as revenue over the estimated customer relationship period, which is typically three years, commencing upon the activation of the unit by the end customer. The subscription component of our gross billings is recognized ratably as revenue over the contractual period of the subscription. Because we typically bill in advance for the entire term, substantially all of our new and renewal gross billings increase our deferred revenue balance, which contributes significantly to our cash flow.
Components of Results of Operations
Revenue
We generate revenue from the sales of our appliances and subscriptions.
• | Appliance Revenue. Revenue from the sale of our appliances includes hardware and a perpetual software license. We recognize hardware appliance revenue over the estimated customer relationship period of three years, commencing with the end-user’s activation of the appliance and related subscription, provided all other criteria for the recognition of appliance revenue are met. |
• | Subscription Revenue. Subscription revenue is generated primarily from our subscription services such as our Barracuda Energize Updates. Subscription revenue also includes revenue from fixed term licenses of our virtual appliance software, support and maintenance. Our subscription terms include monthly and annual terms ranging from one year to five years, the substantial majority of which are for one year periods. We recognize revenue from subscriptions, support and maintenance over the contractual service period. |
Cost of Revenue
Cost of revenue consists of costs related to our appliance and subscription revenue. Such costs include hardware, manufacturing, shipping and logistics, customer support, royalty, warranty, personnel costs, service delivery and data center costs and amortization of intangible assets related to acquired technology. We expect our cost of revenue to increase in absolute dollars, although it may fluctuate as a percentage of total revenue from period to period, as we continue to grow.
Gross Profit
Gross profit as a percentage of total revenue, or gross margin, has been and will continue to be affected by a variety of factors, including manufacturing costs, cost of technical support and the mix of our solutions sold. We expect our gross profit to fluctuate over time depending on the factors described above.
Operating Expenses
Our operating expenses consist of research and development, sales and marketing and general and administrative expenses. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, stock-based compensation expense and travel-related expenses. Operating expenses also include allocated overhead costs for facilities, IT and depreciation. We expect operating expenses to increase in absolute dollars, although they may fluctuate as a percentage of total revenue from period to period, as we continue to grow. In particular, we expect our stock-based compensation expense to increase in absolute dollars as a result of our existing stock-based compensation expense to be recognized as options and restricted stock units ("RSUs") vest and as we issue additional stock-based awards to attract and retain employees.
• | Research and development. Research and development expenses consist primarily of salaries, benefits and stock-based compensation for employees and executives on our engineering and technical teams who are responsible for increasing the functionality and enhancing the ease-of-use of our appliance and subscription services, as well as the development of new products. We expense our research and development costs as they are incurred. We expect research and development expenses to increase in absolute dollars as we continue to invest in our future solutions, although our research and development expenses may fluctuate as a percentage of total revenue. |
• | Sales and marketing. Our sales and marketing expenses consist primarily of advertising, as well as salaries, commissions, benefits and stock-based compensation for our employees and executives engaged in sales, sales support, marketing, business development and customer service functions. Our advertising expenses include the costs of cooperative marketing programs developed with our channel partners and other marketing programs such as online lead generation, promotional events and web seminars. We market and sell our subscription services worldwide |
45
through our sales organization and distribution channels, such as strategic resellers and distributors. We capitalize and amortize the direct and incremental portion of our sales commissions over the period the related revenue is recognized. We expect sales and marketing expenses to increase in absolute dollars as we continue to introduce marketing campaigns and invest in sales resources in key focus areas, although our sales and marketing expenses may fluctuate as a percentage of total revenue.
• | General and administrative. Our general and administrative expenses consist primarily of salaries, benefits and stock-based compensation for our finance, legal, regulatory and compliance, human resources and other administrative employees and executives. In addition, general and administrative expenses include outside consulting, legal and accounting services and facilities and other supporting overhead costs. We expect general and administrative expenses to increase in absolute dollars due to professional services fees primarily related to outside legal, audit, investor relations and consulting services to support the business, although our general and administrative expenses may fluctuate as a percentage of total revenue. |
Other Income (Expense), Net
Other income (expense), net consists primarily of foreign exchange gains and losses, interest expense on our outstanding debt and interest income earned on our cash, cash equivalents and marketable securities, as well as realized gains and losses from our marketable securities portfolio. We expect interest income will vary each reporting period depending on our average investment balances during the period, types and mix of investments and market interest rates.
Benefit from (Provision for) Income Taxes
Our benefit from (provision for) income taxes consists primarily of federal and state income taxes in the United States and income taxes in foreign jurisdictions in which we conduct business. We estimate income taxes in each of the jurisdictions in which we operate. This process involves determining income tax expense together with calculating the deferred income tax expense related to temporary differences resulting from the differing treatment of items for tax and accounting purposes. Deferred tax assets and liabilities are measured using enacted tax rates in effect for the year in which those temporary differences are expected to be recovered or settled. These temporary differences result in deferred tax assets and liabilities, which are included within our consolidated balance sheets. Deferred tax assets are recognized for deductible temporary differences, along with net operating loss and credits carryforwards, if it is more likely than not that the tax benefits will be realized.
46
Results of Operations
The following tables summarize our consolidated results of operations for the periods presented (dollars in thousands) and as a percentage of our total revenue for those periods.
Year Ended February 28/29, | |||||||||||
2017 | 2016 | 2015 | |||||||||
Revenue: | |||||||||||
Appliance | $ | 82,732 | $ | 89,275 | $ | 83,146 | |||||
Subscription | 269,917 | 230,883 | 194,300 | ||||||||
Total revenue | 352,649 | 320,158 | 277,446 | ||||||||
Cost of revenue | 83,772 | 70,132 | 58,667 | ||||||||
Gross profit | 268,877 | 250,026 | 218,779 | ||||||||
Operating expenses: | |||||||||||
Research and development | 75,070 | 71,251 | 58,737 | ||||||||
Sales and marketing | 129,707 | 138,324 | 125,526 | ||||||||
General and administrative | 42,042 | 47,338 | 35,438 | ||||||||
Total operating expenses | 246,819 | 256,913 | 219,701 | ||||||||
Income (loss) from operations | 22,058 | (6,887 | ) | (922 | ) | ||||||
Other expense, net | (70 | ) | (262 | ) | (3,674 | ) | |||||
Income (loss) before income taxes | 21,988 | (7,149 | ) | (4,596 | ) | ||||||
Benefit from (provision for) income taxes | (11,753 | ) | 2,727 | (62,902 | ) | ||||||
Net income (loss) | $ | 10,235 | $ | (4,422 | ) | $ | (67,498 | ) |
Year Ended February 28/29, | ||||||||
2017 | 2016 | 2015 | ||||||
Revenue: | ||||||||
Appliance | 23 | % | 28 | % | 30 | % | ||
Subscription | 77 | 72 | 70 | |||||
Total revenue | 100 | 100 | 100 | |||||
Cost of revenue | 24 | 22 | 21 | |||||
Gross profit | 76 | 78 | 79 | |||||
Operating expenses: | ||||||||
Research and development | 21 | 22 | 21 | |||||
Sales and marketing | 37 | 43 | 45 | |||||
General and administrative | 12 | 15 | 13 | |||||
Total operating expenses | 70 | 80 | 79 | |||||
Income (loss) from operations | 6 | (2 | ) | — | ||||
Other expense, net | — | — | (1 | ) | ||||
Income (loss) before income taxes | 6 | (2 | ) | (1 | ) | |||
Benefit from (provision for) income taxes | (3 | ) | 1 | (23 | ) | |||
Net income (loss) | 3 | % | (1 | )% | (24 | )% |
47
Comparison of the Fiscal Years Ended February 28, 2017 and February 29, 2016
Revenue
Year Ended February 28/29, | ||||||||||||||
2017 | 2016 | Change | ||||||||||||
Amount | Amount | Amount | % | |||||||||||
(dollars in thousands) | ||||||||||||||
Appliance | $ | 82,732 | $ | 89,275 | $ | (6,543 | ) | (7 | )% | |||||
Subscription | 269,917 | 230,883 | 39,034 | 17 | ||||||||||
$ | 352,649 | $ | 320,158 | $ | 32,491 | 10 | % |
Total revenue increased $32.5 million, or 10%, for fiscal 2017 compared to fiscal 2016. Subscription revenue increased by $39.0 million, or 17%, primarily due to a 15% increase in active subscribers from 278,398 active subscribers as of February 29, 2016 to 321,241 active subscribers as of February 28, 2017. The increase in active subscribers was primarily driven by our high level of customer retention and an increase in the number of customers purchasing subscriptions from us. Total appliance revenue decreased by $6.5 million, or 7%, primarily due to the continuing shift by our customers from traditional and solely on-premises deployments to include the cloud, which includes hybrid network architectures, public and/or private clouds, SaaS applications and managed service solutions.
Cost of Revenue and Gross Margin
Year Ended February 28/29, | ||||||||||||||||||||
2017 | 2016 | Change | ||||||||||||||||||
Amount | Gross Margin | Amount | Gross Margin | Amount | % | |||||||||||||||
(dollars in thousands) | ||||||||||||||||||||
Cost of revenue | $ | 83,772 | $ | 70,132 | $ | 13,640 | 19 | % | ||||||||||||
Gross profit | $ | 268,877 | 76 | % | $ | 250,026 | 78 | % | $ | 18,851 | 8 | % |
Cost of revenue increased for fiscal 2017 compared to fiscal 2016 commensurate with the increase in total revenue for the comparable periods. Gross margin decreased in fiscal 2017 compared to fiscal 2016, primarily due to product mix shifts and increases of $3.5 million in service delivery costs, $3.5 million in warranty and royalty costs, $1.8 million in amortization of intangible assets and $1.1 million in depreciation expenses. Additionally, our gross margin is generally impacted by the timing of investments in our data center infrastructure and our technical support.
Operating Expenses
Year Ended February 28/29, | ||||||||||||||||||||
2017 | 2016 | Change | ||||||||||||||||||
Amount | % of Total Revenue | Amount | % of Total Revenue | Amount | % | |||||||||||||||
(dollars in thousands) | ||||||||||||||||||||
Research and development | $ | 75,070 | 21 | % | $ | 71,251 | 22 | % | $ | 3,819 | 5 | % | ||||||||
Sales and marketing | 129,707 | 37 | 138,324 | 43 | (8,617 | ) | (6 | ) | ||||||||||||
General and administrative | 42,042 | 12 | 47,338 | 15 | (5,296 | ) | (11 | ) | ||||||||||||
$ | 246,819 | 70 | % | $ | 256,913 | 80 | % | $ | (10,094 | ) | (4 | )% |
Research and development expenses increased $3.8 million, or 5%, in fiscal 2017 compared to fiscal 2016 primarily due to increases of $3.4 million in stock-based compensation expense, $1.6 million in consulting costs and $0.7 million in compensation and personnel related costs, partially offset by decreases of $0.8 million in travel and other related costs, $0.5 million in equipment and service expenses, $0.4 million in IT-related infrastructure expenses and $0.1 million in depreciation expense. As a percentage of total revenue, research and development expenses remained relatively consistent year over year.
Sales and marketing expenses decreased $8.6 million, or 6%, in fiscal 2017 compared to fiscal 2016 primarily due to decreases of $15.2 million in marketing and channel partner program expenses, primarily attributable to lower search engine
48
marketing, sponsorship and advertising spend and event and trade show costs, $0.8 million in travel and other related costs and $0.3 million in IT-related infrastructure expenses, partially offset by increases of $5.0 million in compensation and personnel costs, primarily attributable to higher sales commission attainment, $1.5 million in stock-based compensation expense, $0.5 million in consulting costs and $0.4 million in license and service fees. As a percentage of total revenue, sales and marketing expenses decreased year over year primarily due to the timing and nature of marketing campaigns.
General and administrative expenses decreased $5.3 million, or 11%, in fiscal 2017 compared to fiscal 2016 primarily due to decreases of $4.2 million in legal and settlement costs, which included a $2.3 million settlement charge for intellectual property matters and a $1.5 million settlement of an export compliance matter in fiscal 2016, $1.4 million in stock-based compensation expense, $0.5 million in travel and other related costs, $0.4 million in consulting costs and $0.3 million in equipment and software expense, partially offset by increases of $0.5 million in bad debt expense, $0.5 million in compensation and personnel related costs, $0.4 million in depreciation expense and $0.1 million in payment processing costs. As a percentage of total revenue, general and administrative expenses decreased year over year due to the legal and settlement costs associated with the matters noted above not recurring in fiscal 2017.
Other Expense, Net
Year Ended February 28/29, | |||||||||||||
2017 | 2016 | Change | |||||||||||
Amount | Amount | Amount | % | ||||||||||
(dollars in thousands) | |||||||||||||
Other expense, net | $ | (70 | ) | $ | (262 | ) | $ | 192 | NM |
The change in other expense, net was due primarily to an increase of $1.1 million in realized gains from the sale of marketable securities, partially offset by an increase of $0.8 million in net foreign exchange losses during fiscal 2017 compared to fiscal 2016.
Benefit from (Provision for) Income Taxes
Year Ended February 28/29, | |||||||||||||
2017 | 2016 | Change | |||||||||||
Amount | Amount | Amount | % | ||||||||||
(dollars in thousands) | |||||||||||||
Benefit from (provision for) income taxes | $ | (11,753 | ) | $ | 2,727 | $ | (14,480 | ) | NM |
We recorded an income tax provision of $11.8 million for fiscal 2017 and an income tax benefit of $2.7 million for fiscal 2016. We established a valuation allowance in fiscal 2015 against a significant portion of our deferred tax assets, including U.S. federal and state deferred tax assets, as well as certain foreign deferred tax assets, because realization of these tax benefits through future taxable income does not meet the more-likely-than-not threshold. We intend to maintain the valuation allowance until sufficient positive evidence exists to support its reversal. The difference between the income tax provision that would be derived by applying the statutory rate to our income before tax and the income tax provision actually recorded for fiscal 2017 is primarily due to the temporary differences, which we do not expect to benefit from due to our valuation allowance, non-deductible stock-based compensation expense and other currently non-deductible items.
Comparison of the Fiscal Years Ended February 29, 2016 and February 28, 2015
Revenue
Year Ended February 28/29, | ||||||||||||||
2016 | 2015 | Change | ||||||||||||
Amount | Amount | Amount | % | |||||||||||
(dollars in thousands) | ||||||||||||||
Appliance | $ | 89,275 | $ | 83,146 | $ | 6,129 | 7 | % | ||||||
Subscription | 230,883 | 194,300 | 36,583 | 19 | ||||||||||
$ | 320,158 | $ | 277,446 | $ | 42,712 | 15 | % |
49
Total revenue increased $42.7 million, or 15%, for fiscal 2016 compared to fiscal 2015. Subscription revenue increased by $36.6 million, or 19%, primarily due to a 14% increase in active subscribers from 243,578 active subscribers as of February 28, 2015 to 278,398 active subscribers as of February 29, 2016. The increase in active subscribers was primarily driven by our high level of customer retention and an increase in the number of customers purchasing subscriptions from us. Total appliance revenue grew by $6.1 million, or 7%, due to increased demand for our solutions, however, the growth rate decreased from the previous period due to an increasing number of customers shifting from traditional and solely on-premises deployments to include the cloud.
Cost of Revenue and Gross Margin
Year Ended February 28/29, | ||||||||||||||||||||
2016 | 2015 | Change | ||||||||||||||||||
Amount | Gross Margin | Amount | Gross Margin | Amount | % | |||||||||||||||
(dollars in thousands) | ||||||||||||||||||||
Cost of revenue | $ | 70,132 | $ | 58,667 | $ | 11,465 | 20 | % | ||||||||||||
Gross profit | $ | 250,026 | 78 | % | $ | 218,779 | 79 | % | $ | 31,247 | 14 | % |
Cost of revenue increased for fiscal 2016 compared to fiscal 2015 commensurate with the increase in appliance and subscription revenue for the comparable periods. Gross margin decreased slightly in fiscal 2016 compared to fiscal 2015. The slight decrease was primarily due to product mix shifts and increased amortization of intangible assets and depreciation expenses. Additionally, our gross margin is generally impacted by the timing of investments in our data center infrastructure and our technical support.
Operating Expenses
Year Ended February 28/29, | ||||||||||||||||||||
2016 | 2015 | Change | ||||||||||||||||||
Amount | % of Total Revenue | Amount | % of Total Revenue | Amount | % | |||||||||||||||
(dollars in thousands) | ||||||||||||||||||||
Research and development | $ | 71,251 | 22 | % | $ | 58,737 | 21 | % | $ | 12,514 | 21 | % | ||||||||
Sales and marketing | 138,324 | 43 | 125,526 | 45 | 12,798 | 10 | ||||||||||||||
General and administrative | 47,338 | 15 | 35,438 | 13 | 11,900 | 34 | ||||||||||||||
$ | 256,913 | 80 | % | $ | 219,701 | 79 | % | $ | 37,212 | 17 | % |
Research and development expenses increased $12.5 million, or 21%, in fiscal 2016 compared to fiscal 2015 primarily due to increases of $5.9 million in compensation and personnel related costs primarily attributable to a 9% increase in the average research and development headcount throughout fiscal 2016 compared to fiscal 2015 and our acquisition of Intronis in October 2015, $3.8 million in stock-based compensation expense, $0.9 million in consulting costs, $0.8 million in IT-related infrastructure expenses, $0.4 million in equipment and service expenses, $0.3 million in travel and other related costs and $0.2 million in license and service fees. As a percentage of total revenue, research and development expenses remained consistent year over year.
Sales and marketing expenses increased $12.8 million, or 10%, in fiscal 2016 compared to fiscal 2015 primarily due to increases of $7.6 million in compensation and personnel related costs, primarily attributable to an 18% increase in the average sales and marketing headcount throughout fiscal 2016 compared to fiscal 2015 and our acquisition of Intronis, $2.8 million in stock-based compensation expense, $1.2 million in amortization expense associated with the acquisition of Intronis and impairment charges related to certain acquisition-related customer relationship assets and $0.7 million in IT-related infrastructure expenses. As a percentage of total revenue, sales and marketing expenses slightly decreased year over year primarily due to a reversal of estimated contingent consideration obligations, which resulted in a $1.3 million reduction of compensation and personnel related costs.
General and administrative expenses increased $11.9 million, or 34%, in fiscal 2016 compared to fiscal 2015 primarily due to increases of $4.8 million in legal, compliance and consulting costs, which included a $2.3 million settlement charge for intellectual property matters and a $1.5 million settlement related to export compliance, $4.5 million in stock-based
50
compensation expense, $0.9 million in compensation and personnel related costs, primarily attributable to a 4% increase in the average general and administrative headcount throughout fiscal 2016 compared to fiscal 2015 and our acquisition of Intronis, $0.6 million in equipment and software expense, $0.6 million in depreciation expense and $0.2 million in payment processing costs. As a percentage of total revenue, general and administrative expenses slightly increased year over year primarily due to increased legal and settlement costs.
Other Expense, Net
Year Ended February 28/29, | |||||||||||||
2016 | 2015 | Change | |||||||||||
Amount | Amount | Amount | % | ||||||||||
(dollars in thousands) | |||||||||||||
Other expense, net | $ | (262 | ) | $ | (3,674 | ) | $ | 3,412 | NM |
The change in other expense, net was due primarily to a decrease of $3.5 million in net foreign exchange losses during fiscal 2016 compared to fiscal 2015.
Benefit from (Provision for) Income Taxes
Year Ended February 28/29, | |||||||||||||
2016 | 2015 | Change | |||||||||||
Amount | Amount | Amount | % | ||||||||||
(dollars in thousands) | |||||||||||||
Benefit from (provision for) income taxes | $ | 2,727 | $ | (62,902 | ) | $ | 65,629 | NM |
We recorded an income tax benefit of $2.7 million for fiscal 2016 and an income tax provision of $62.9 million for fiscal 2015. We established a valuation allowance in fiscal 2015 against a significant portion of our deferred tax assets, including U.S. federal and state deferred tax assets, as well as certain foreign deferred tax assets, because realization of these tax benefits through future taxable income does not meet the more-likely-than-not threshold. We intend to maintain the valuation allowances until sufficient positive evidence exists to support the reversal of the valuation allowances. The difference between the income tax benefit that would be derived by applying the statutory rate to our loss before tax and the income tax benefit actually recorded for fiscal 2016 is primarily due to the change in the valuation allowance, as well as non-deductible stock-based compensation expense and other currently non-deductible items, offset by the tax benefit from the tax credits.
Quarterly Results of Operations
The following tables set forth selected unaudited quarterly consolidated statements of operations data for each of the eight quarters in the period ended February 28, 2017, as well as the percentage that each line item represents of total revenue. The information for each of these quarters has been prepared on the same basis as the audited annual financial statements included elsewhere in this Annual Report on Form 10-K and, in the opinion of management, includes all adjustments, which includes only normal recurring adjustments, necessary for the fair presentation of the results of operations for these periods in accordance with GAAP. This data should be read in conjunction with our audited consolidated financial statements and related notes included in Item 8 of this Annual Report on Form 10-K. The results of historical periods are not necessarily indicative of the results of operations for a full year or any future period.
51
Three Months Ended | |||||||||||||||||||||||||||||||
February 28, 2017 | November 30, 2016 | August 31, 2016 | May 31, 2016 | February 29, 2016 | November 30, 2015 | August 31, 2015 | May 31, 2015 | ||||||||||||||||||||||||
(in thousands) | |||||||||||||||||||||||||||||||
Revenue: | |||||||||||||||||||||||||||||||
Appliance | $ | 19,908 | $ | 20,457 | $ | 21,034 | $ | 21,333 | $ | 21,650 | $ | 21,655 | $ | 22,288 | $ | 23,682 | |||||||||||||||
Subscription | 69,351 | 68,349 | 66,896 | 65,321 | 62,076 | 58,432 | 56,083 | 54,292 | |||||||||||||||||||||||
Total revenue | 89,259 | 88,806 | 87,930 | 86,654 | 83,726 | 80,087 | 78,371 | 77,974 | |||||||||||||||||||||||
Cost of revenue | 22,193 | 21,098 | 20,240 | 20,241 | 19,879 | 18,352 | 15,935 | 15,966 | |||||||||||||||||||||||
Gross profit | 67,066 | 67,708 | 67,690 | 66,413 | 63,847 | 61,735 | 62,436 | 62,008 | |||||||||||||||||||||||
Operating expenses: | |||||||||||||||||||||||||||||||
Research and development | 18,790 | 18,627 | 18,446 | 19,207 | 17,120 | 18,629 | 17,502 | 18,000 | |||||||||||||||||||||||
Sales and marketing | 32,865 | 33,368 | 32,144 | 31,330 | 33,504 | 36,218 | 34,470 | 34,132 | |||||||||||||||||||||||
General and administrative | 10,084 | 10,217 | 10,969 | 10,772 | 10,998 | 14,872 | 10,770 | 10,698 | |||||||||||||||||||||||
Total operating expenses | 61,739 | 62,212 | 61,559 | 61,309 | 61,622 | 69,719 | 62,742 | 62,830 | |||||||||||||||||||||||
Income (loss) from operations | 5,327 | 5,496 | 6,131 | 5,104 | 2,225 | (7,984 | ) | (306 | ) | (822 | ) | ||||||||||||||||||||
Other income (expense), net | (201 | ) | (2,374 | ) | 1,515 | 990 | 604 | (395 | ) | 97 | (568 | ) | |||||||||||||||||||
Income (loss) before income taxes | 5,126 | 3,122 | 7,646 | 6,094 | 2,829 | (8,379 | ) | (209 | ) | (1,390 | ) | ||||||||||||||||||||
Benefit from (provision for) income taxes | (1,905 | ) | (1,329 | ) | (5,209 | ) | (3,310 | ) | 406 | 6,793 | (2,030 | ) | (2,442 | ) | |||||||||||||||||
Net income (loss) | $ | 3,221 | $ | 1,793 | $ | 2,437 | $ | 2,784 | $ | 3,235 | $ | (1,586 | ) | $ | (2,239 | ) | $ | (3,832 | ) | ||||||||||||
Net income (loss) per share – basic | $ | 0.06 | $ | 0.03 | $ | 0.05 | $ | 0.05 | $ | 0.06 | $ | (0.03 | ) | $ | (0.04 | ) | $ | (0.07 | ) | ||||||||||||
Net income (loss) per share – diluted | $ | 0.06 | $ | 0.03 | $ | 0.05 | $ | 0.05 | $ | 0.06 | $ | (0.03 | ) | $ | (0.04 | ) | $ | (0.07 | ) |
52
Three Months Ended | |||||||||||||||||||||||
February 28, 2017 | November 30, 2016 | August 31, 2016 | May 31, 2016 | February 29, 2016 | November 30, 2015 | August 31, 2015 | May 31, 2015 | ||||||||||||||||
Revenue: | |||||||||||||||||||||||
Appliance | 22 | % | 23 | % | 24 | % | 25 | % | 26 | % | 27 | % | 28 | % | 30 | % | |||||||
Subscription | 78 | 77 | 76 | 75 | 74 | 73 | 72 | 70 | |||||||||||||||