Adobe 2012 Annual Report Download - page 43

Download and view the complete annual report

Please find page 43 of the 2012 Adobe annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 136

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136

43
visitors the opportunity to “opt-out” of the information collection associated with our services, as applicable. We do not formally
audit such customers to confirm compliance with these representations. If these representations are false or if such customers do
not otherwise comply with applicable privacy laws, we could face potentially adverse publicity and possible legal or other regulatory
action. In addition, some countries are considering enacting laws that would expand the scope of privacy-related obligations
required of service providers, such as Adobe, that would require additional compliance expense and increased liability.
Security vulnerabilities in our products and systems could lead to reduced revenues or to liability claims.
Maintaining the security of our products, computers and networks is a critical issue for us and our customers. Security
researchers, criminal hackers and other third parties regularly develop new techniques to penetrate computer and network security
measures. In addition, hackers also develop and deploy viruses, worms and other malicious software programs, some of which
may be specifically designed to attack our products, systems, computers or networks. Additionally, outside parties may attempt
to fraudulently induce our employees or users of our products to disclose sensitive information in order to gain access to our data
or our customers’ data. These potential breaches of our security measures and the accidental loss, inadvertent disclosure or
unauthorized dissemination of proprietary information or sensitive, personal or confidential data about us, our employees or our
customers, including the potential loss or disclosure of such information or data as a result of hacking, fraud, trickery or other
forms of deception, could expose us, our employees, our customers or the individuals affected to a risk of loss or misuse of this
information, result in litigation and potential liability or fines for us, damage our brand and reputation or otherwise harm our
business.
Although these are industry-wide problems that affect computers and products across all platforms, they affect our products
in particular because hackers tend to focus their efforts on the most popular operating systems and programs and we expect them
to continue to do so. Critical vulnerabilities may be identified in certain of our applications. These vulnerabilities could cause such
applications to crash and could potentially allow an attacker to take control of the affected system, which could result in liability
to us or limit our ability to conduct our business and deliver our products and services to customers. We devote significant resources
to address security vulnerabilities through engineering more secure products, enhancing security and reliability features in our
products and systems, code hardening, conducting rigorous penetration tests, deploying security updates to address security
vulnerabilities and improving our incident response time. The cost of these steps could reduce our operating margins. Despite
these efforts, actual or perceived security vulnerabilities in our products and systems may lead to claims against us and harm our
reputation, and could lead some customers to seek to return products, to stop using certain services, to reduce or delay future
purchases of products or services, or to use competing products or services. Customers may also increase their expenditures on
security measures designed to protect their existing computer systems from attack, which could delay adoption of new technologies.
Further, if we or our customers are subject to an attack, or our technology is utilized in a third-party attack, it may be necessary
for us to take certain measures and make certain expenditures to take appropriate responsive and preventative steps. Any of these
actions by customers could adversely affect our revenues.
Some of our lines of business rely on us or our third-party service providers to host and deliver services and data, and any
interruptions or delays in these hosted services, security or privacy breaches, or failures in data collection could expose us to
liability and harm our business and reputation.
Some of our lines of business and services, including our online store at adobe.com, our Creative Cloud offering, our hosted
Digital Media offerings and our Adobe Marketing Cloud offerings, rely on services hosted and controlled directly by us or by
third parties. Because we hold large amounts of customer data, some of which is hosted in third-party facilities, a security incident
may compromise the confidentiality, integrity or availability of customer data. Unauthorized access to customer data may be
obtained through break-ins, breach of our secure network by an unauthorized party, employee theft or misuse, or other misconduct.
It is also possible that unauthorized access to customer data may be obtained through inadequate use of security controls by
customers. While our products and services provide and support strong password controls, IP restriction and account controls,
their use is controlled by the customer. As such, this could allow accounts to be created with weak passwords, which could result
in allowing an attacker to gain access to customer data. Additionally, failure by customers to remove accounts of their own
employees, or granting of accounts by the customer in an uncontrolled manner, may allow for access by former or unauthorized
customer employees. If there were ever an inadvertent disclosure of personal information, or if a third party were to gain
unauthorized access to the personal information we possess on behalf of our customers, our operations could be disrupted, our
reputation could be harmed and we could be subject to claims or other liabilities. In addition, such perceived or actual unauthorized
disclosure of the information we collect or breach of our security could damage our reputation, result in the loss of customers and
harm our business.
Because of the large amount of data that we collect and manage on behalf of our customers, it is possible that hardware or
software failures or errors in our systems (or those of our third-party service providers) could result in data loss or corruption or
cause the information that we collect to be incomplete or contain inaccuracies that our customers regard as significant. Furthermore,
our ability to collect and report data may be delayed or interrupted by a number of factors, including access to the internet, the
Table of Contents