VMware 2014 Annual Report Download - page 24

Download and view the complete annual report

Please find page 24 of the 2014 VMware annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 128

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128

Table of Contents
threaten to misappropriate our proprietary information and cause interruptions of our IT services. Because the techniques used by unauthorized
persons to access or sabotage networks change frequently and may not be recognized until launched against a target, we may be unable to
anticipate these techniques. Further, if unauthorized access or sabotage remains undetected for an extended period of time, the effects of such
breach could be exacerbated. In addition, sophisticated hardware and operating system software and applications that we produce or procure
from third parties may contain defects in design or manufacture, including “bugs” and other problems that could unexpectedly interfere with the
operation of the system. Our exposure to cybersecurity threats and negative consequences of cybersecurity breaches will likely increase as our
vCloud Air business expands and we store increasing amounts of customer data and host or manage parts of customers’ businesses in cloud-
based IT environments.
We have also outsourced a number of our business functions to third party contractors, and our business operations also depend, in part, on
the success of our contractors
own cybersecurity measures. We also use third parties to provide colocation services (i.e. data center services) for
our hybrid cloud offering. Similarly, we rely upon distributors, resellers, system vendors and systems integrators to sell our products and our
sales operations depend, in part, on the reliability of their cybersecurity measures. Additionally, we depend upon our employees to appropriately
handle confidential data and deploy our IT resources in safe and secure fashion that does not expose our network systems to security breaches
and the loss of data. Accordingly, if our cybersecurity systems and those of our contractors, partners and vendors fail to protect against
unauthorized access, sophisticated cyberattacks and the mishandling of data by our employees, contractors, partners or vendors, our ability to
conduct our business effectively could be damaged in a number of ways, including:
Should any of the above events occur, we could be subject to significant claims for liability from our customers, regulatory actions from
governmental agencies, our ability to protect our intellectual property rights could be compromised and our reputation and competitive position
could be significantly harmed. Also, the regulatory and contractual actions, litigations, investigations, fines, penalties and liabilities relating to
data breaches that result in losses of personally identifiable or credit card information of users of our services can be significant in terms of fines
and reputational impact, and necessitate changes to our business operations that may be disruptive to us. Additionally, we could incur significant
costs in order to upgrade our cybersecurity systems and remediate damages. Consequently, our financial performance and results of operations
could be adversely affected.
Our products and services are highly technical and may contain errors, defects or security vulnerabilities which could cause harm to our
reputation and adversely affect our business.
Our products and services are highly technical and complex and, when deployed, have contained and may contain errors, defects or security
vulnerabilities. Some errors in our products or services may only be discovered after a product or service has been installed and used by
customers. Any errors, defects or security vulnerabilities discovered in our products or services after commercial release could result in loss of
revenues or delay in revenue recognition, loss of customers and increased service and warranty cost, any of which could adversely affect our
business, financial condition and results of operations. Undiscovered vulnerabilities in our products or services could expose them to hackers or
other unscrupulous third parties who develop and deploy viruses, worms, and other malicious software programs that could attack our products
or services. In the past, VMware has been made aware of public postings by hackers of portions of our source code. It is possible that the
released source code could expose unknown security vulnerabilities in our products and services that could be exploited by hackers or others.
We may also inherit unknown security vulnerabilities when we integrate the products or services of companies that we acquire into existing and
new VMware products or services.
Actual or perceived security vulnerabilities in our products or services could harm our reputation and lead some customers to return
products or services, to reduce or delay future purchases or to use competitive products or services. End users, who rely on our products and
services for the interoperability of enterprise servers and applications that are critical to their information systems, may have a greater sensitivity
to product errors and security vulnerabilities than customers for software products generally. Any security breaches could lead to interruptions,
delays and data loss and protection concerns. By their nature, security breaches are often difficult to detect and the failure to detect a breach for
an extended period of time could
22
sensitive data regarding our business, including intellectual property and other proprietary data, could be stolen;
our electronic communications systems, including email and other methods, could be disrupted, and our ability to conduct our business
operations could be seriously damaged until such systems can be restored and secured;
our ability to process customer orders and electronically deliver products and services could be degraded, and our distribution channels
could be disrupted, resulting in delays in revenue recognition;
defects and security vulnerabilities could be exploited or introduced into our software products or our hybrid cloud offering, thereby
damaging the reputation and perceived reliability and security of our products and services and potentially making the data systems of
our customers vulnerable to further data loss and cyber incidents; and
personally identifiable or confidential data of our customers, employees and business partners could be stolen or lost.