VMware 2015 Annual Report Download - page 17
Download and view the complete annual report
Please find page 17 of the 2015 VMware annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.TableofContents
• defectsandsecurityvulnerabilitiescouldbeexploitedorintroducedintooursoftwareproductsorourhybridcloudandSaaSofferings,therebydamaging
thereputationandperceivedreliabilityandsecurityofourproductsandservicesandpotentiallymakingthedatasystemsofourcustomersvulnerableto
furtherdatalossandcyberincidents;and
• personallyidentifiableorconfidentialdataofourcustomers,employeesandbusinesspartnerscouldbestolenorlost.
Shouldanyoftheaboveeventsoccur,wecouldbesubjecttosignificantclaimsforliabilityfromourcustomers,wecouldfaceregulatoryactionsfrom
governmentalagencies,ourabilitytoprotectourintellectualpropertyrightscouldbecompromised,ourreputationandcompetitivepositioncouldbesignificantly
harmedandwecouldincursignificantcostsinordertoupgradeourcybersecuritysystemsandremediatedamages.Consequently,ourbusiness,financialcondition
andoperatingresultscouldbeadverselyaffected.
We operate a global business that exposes us to additional risks.
Ourinternationalactivitiesaccountforasubstantialportionofourrevenuesandprofits,andweplantofurtherexpandinternationally.Inaddition,our
investmentportfolioincludesinvestmentsinnon-U.S.financialinstrumentsandholdingsinnon-U.S.financialinstitutions,includingEuropeaninstitutions.In
additiontotherisksdescribedelsewhereintheseriskfactors,ourinternationaloperationssubjectustoavarietyofrisks,including:
•difficultiesinenforcingcontractsandcollectingaccountsreceivableandlongerpaymentcycles,especiallyinemergingmarkets;
• difficultiesindeliveringsupport,traininganddocumentationincertainforeignmarkets;
•tariffsandtradebarriersandotherregulatoryorcontractuallimitationsonourabilitytosellordevelopourproductsandservicesincertainforeign
markets;
•economicorpoliticalinstabilityandsecurityconcernsincountriesthatareimportanttoourinternationalsalesandoperations;
•difficultiesintransferringfundsfromcertaincountries;
• increasedcompliancerisks,particularlyinemergingmarkets;and
•difficultiesinmaintainingappropriatecontrolsrelatingtorevenuerecognitionpractices.
Forexample,recenteconomicinstabilityinBrazil,ChinaandRussiahasadverselyaffectedouroperatingresultsinthesecountries,andouroperatingresults
maybefurtheradverselyaffectedifthiseconomicinstabilitycontinuesorspreadstoneighboringmarkets.Additionally,theChinesegovernmentisworkingto
implementnewnetworksecuritystandardsthatwillrequireITsystemsbeingsoldintocertainkeysectorstobecertifiedas“secureandcontrollable”.Aspartof
thateffort,inDecember2014,standardswereimplementedinthebankingsectorrequiringITcompaniessellingtoChinesebankstosubmittheirsoftwareand
othertechnologytointrusivesecuritytesting,includeindigenousChineseintellectualpropertyandencryptiontechnologyintheirsoftwareanddisclosesource
codeandotherproprietaryinformationtotheChinesegovernment.Implementationofthesestandardswassubsequentlysuspendedinlightofconcerns
communicatedbybanksandotherparties.However,in2015,thegovernmenthascontinuedtoenactorproposeadditionallawsandregulationstoaddress
informationandnetworksecurity.Forexample,inJuly2015,ChinaenactedaStateSecurityLawauthorizingthegovernmenttoimplementasystemfor
maintainingthesecurityofnetworksandinformation,anditalsopublishedadraftcybersecuritylawthatproposedvariousspecificinformationsecurityand
networksecuritymeasurestoenhance“cybersovereignty.”InNovember2015,theinsuranceregulatorinChinaissueddraftinsurancecyberrulesthatwould
requireinsurancecompaniestohavecompliantencryptiontools,secureandcomplianthardwareandsoftwareproducts,anddatastorage.InDecember2015,China
enactedanAnti-TerrorismLawthatgiveslocalpublicsecurityandstatesecurityauthoritiesthebroaddiscretionaryauthoritytorequirecompaniestoprovide
accesstotheirequipmentanddecryptionsupportinparticularcases.Failuretocomplywithsuchrequestscanresultinfinesandimprisonment.Inaddition,abroad
rangeofbusinesseswillberequiredtoverifytheidentitiesofcustomersandprohibittheprovisionofservicestocustomerswhoseidentitiesareunclearorwho
refusetocooperateintheverificationprocess.Ifwearenotableto,orchoosenotto,complywiththeseandotherinformationandnetworksecuritystandardsthat
theChinesegovernmentmightimplementinthefuture,ourbusinessinChinamaysuffer.
Furthermore,ifwefailtocomplywithlegalandregulatoryrequirementscoveringtheforeignactivitiesofU.S.corporations,suchasexportcontrol
requirementsandtheForeignCorruptPracticesAct,aswellaswithlocalregulatoryrequirementsinnon-U.S.jurisdictions,wemaybeexposedtosignificantfines
andpenaltiesandreputationalharm.Theseriskswillincreaseasweexpandouroperationsinlocationswithahigherincidenceofcorruptionandfraudulent
businesspractices.
Inaddition,potentialfalloutfrompastdisclosuresrelatedtotheU.S.Internetandcommunicationssurveillanceandpossibleeffortstoenableincreased
surveillancecouldmakeforeigncustomersreluctanttopurchaseproductsandservicesfromU.S.-basedtechnologycompaniesandimpairourgrowthratein
foreignmarkets.
16