Company
Overview
We provide secure information exchange capabilities for enterprises and consumers through the development and
distribution of software, delivery of managed and hosted solutions, and provisioning of associated services. We have thousands of enterprise customers and more than one million individual consumers in over 150 countries. Our solutions are used by
more than 20,000 U.S. Army users deployed worldwide.
We operate primarily in the Managed File Transfer, or MFT, industry. We
are evolving our MFT focus into adjacent solution spaces that creates what we refer to as Total Path Security. The Total Path Security framework addresses data and information management, movement, security and accessibility across a broad range of
environments encompassing data and information in motion (for example, with traditional MFT solutions delivered as on-premises software or as a cloud service) and at rest (for example, through securely deleting or purging files or securely
accessing stored data from mobile tablet or smartphone devices using our TappIn solution).
Our solution portfolio facilitates
transmission of critical information such as financial data, medical records, customer files, vendor files, personnel files and other similar documents between diverse and geographically separated network infrastructures while supporting a range of
information protection approaches to meet privacy and other security requirements. Our products provide the ability to monitor these activities, as well as access the underlying data, securely and flexibly through a wide range of network-enabled,
mobile devices, including tablets and smartphones.
Our solutions ensure compliance with government regulations relating to
the protection of information while allowing users to reduce IT costs, increase efficiency, track and audit transactions and automate processes. Our solutions also provide data replication, acceleration of file transfer, sharing/collaboration and
continuous data backup and recovery to our customers. We believe we are strongly positioned to provide secure transfer, sharing, and replication of files that need to be transmitted inside the users firewall to distributed offices, or outside
the users firewall to business and trading partners, including network-enabled, mobile devices.
Our initial product,
CuteFTP, a file transfer protocol client program used mostly by individuals and small businesses, was first distributed in 1996 over the Internet and achieved significant success and popularity. Since then, we have continued to enhance our portfolio
of products to meet the increasing demand for secure information exchange in the MFT industry and adjacent markets such as cloud services. Our capabilities have evolved from personal and small business MFT products to include standard and enterprise
versions of our Enhanced File Transfer, or EFT, software, with an increasing number of add-on modules that provide additional capabilities such as ad hoc file transfer, advanced auditing and reporting, government-validated cryptography, and workflow
automation. We have also developed Wide-Area File Services, or WAFS, and Continuous Data Protection, or CDP, software which further enhances the ability to replicate, share and backup files within a wide area network or local area network, at WAN
and LAN speeds.
We also offer managed e-mail attachment, software-as-a-service, or SaaS, and cloud-based subscription
solutions for information sharing solutions. Our managed e-mail attachment solution addresses the needs of customers who are constrained by the typical limits on e-mail attachment size or who require additional security, auditing, and reporting for
file attachments shared through e-mail. Our SaaS and cloud-based subscription solutions allow customers to reduce their upfront and total cost of ownership and achieve other recognized benefits of cloud-based solutions, including service elasticity
and strong service level agreements for IT infrastructure reliability and performance.
3
Our managed cloud-based subscription solutions are a notable part of our future revenue
model plans because they provide recurring revenue which potentially builds over time, as compared to sales of on-premises software licenses which must be reconstituted every period. While we are in the early stages of growing our subscription
services, we already have added capability to deliver these services in additional geographies, such as the United Kingdom and Canada, where country-specific compliance requirements may necessitate in-country service delivery
In December 2011, we entered the secure content mobility market with the acquisition of TappIn, Inc. Secure content mobility provides
users with the ability to easily and securely access and share data and information using a web-browser, tablet or other mobile device such as a smartphone. Secure content mobility integrates aspects of ad hoc file transfer, broader MFT
capabilities, cloud services, and remote accessibility to address growing market demand for secure, anytime and anywhere, device-independent access to distributed content. We believe that the addition of secure content mobility
capability to our portfolio potentially has profound implications due to the continuing growth of tablet computers and smartphone sales and their increasing adoption by business users.
Industry Background
The Internet has become an integral part of daily operations for individual users and companies of all sizes, not only for e-commerce, but also as a means of managing information between central and
remote locations and with associates, employees, partners, suppliers, and customers. Corporate information managers must protect business assets, ensure that policies and processes meet regulations governing the management of sensitive information,
and ensure that the right people have access to the right information at the right time. Global operations, diverse business partners and networks further emphasize the need for common standards to ensure compatibility, scalability, privacy,
security and cost-effective integration. All of these needs have created the need for maintaining the security of data and information in motion (for example, with traditional MFT solutions delivered as on-premises software or as a cloud service)
and at rest (for example, through securely deleting or purging files or securely accessing stored data from mobile tablet or smartphone devices using our TappIn solution).
The need for MFT and secure content mobility solutions is particularly strong for organizations faced with a daunting array of privacy,
security, and remote accessibility challenges stemming from various regulatory and business requirements for data privacy and confidentiality. Regulatory and privacy requirements include federal legislation and regulations such as the Health
Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA),the Federal Trade Commission Red Flags Rules, as well as state legislation and regulations in the U.S such as California Senate Bill (SB) 1386 and the data
security regulations issued by the Massachusetts Office of Consumer Affairs and Business, as well as the extraterritorial requirements such as the European Union Data Protection Directive. Some of these statutes and regulations impose severe
penalties for improper disclosure of confidential information. Industry best-practices such as the Payment Card Industry Data Security Standard (PCI DSS) and self-imposed business requirements lead to the need to secure and protect consumer
information, intellectual property and trade secrets. These measures offer protection against disclosure of proprietary information and also reduce corporate risks associated with the potentially devastating consequences of security breaches.
Markets for MFT and secure remote access grew from mainstream adoption of the Internet, the subsequent exponential growth in
data and information sharing, and the growing realization that information is a significant business currency requiring appropriate security, management, auditing, and reporting, and also subject in many cases to regulatory and privacy requirements.
Similarly, the cloud services market arose from recognition that the Internet allows ubiquitous, global access to data and information services. By leveraging Internet technologies, and delivering services through appropriately secured and managed
shared resources, cloud-based solutions allow businesses and other organizations to achieve economies of scale and greater operational agility. Cloud
4
solutions also can support individual consumer needs for information access and sharing at very affordable costs. Secure content mobility solutions provide these same benefits, but extend the
information delivery model to and from the broadest range of network-enabled devices, including smartphones and tablets.
Our
primary industry is known as managed file transfer. The MFT industry has its technical origin in the file transfer protocol, or FTP. FTP dates back to 1980 (RFC 765, later superseded by RFC 959), with even earlier RFCs guiding prior attempts to
establish standards for file transfer protocols. The use of file transfer protocols increased dramatically with the explosive growth of the Internet and the World Wide Web during the 1990s. The MFT industry arose from recognition that FTP, alone,
does not provide adequate security and management capabilities for file transfers. MFT solutions offer a greater degree of security and control than FTP. Features available in MFT solutions include integrated security, auditing capabilities,
performance monitoring, and reporting. The MFT industry includes low cost, or even free, solutions that offer basic capabilities. However, businesses and even individuals procure more advanced solutions that provide scalability, enhanced security
options, automated workflow, dedicated maintenance and support, and other features that facilitate high-confidence, secure and cost effective file transfers.
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be
rapidly provisioned, released, and scaled to meet requirements. We believe the continuing movement to cloud services is analogous to the telecommunications shift from dedicated point-to-point circuits to a delivery model in which the entire
telecommunications infrastructure potentially can be used to establish, maintain, and manage individual connections on an as-needed basis. Cloud implementations may be public, private, community or a hybrid combination. In a private cloud, the
infrastructure is operated solely for a specific organization. In a community cloud, the infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy,
and compliance considerations). In a public cloud the infrastructure is made available to the general public or a large industry group. A hybrid cloud is a composition of two or more clouds (private, community, or public) that remain
unique entities but are bound together by standardized or proprietary technologies that enable data and application portability (for example, cloud bursting for load-balancing between clouds).
The secure content mobility market has emerged from a confluence of the same primary market forces that drove demand for MFT and cloud
services, with those forces magnified by the exponential, worldwide proliferation of mobile devices. According to a recent report by Cisco Systems, global mobile data traffic grew by 70% in 2012. The Cisco report also states that mobile data traffic
in 2012 was nearly 12 times the size of the entire global Internet in 2000 and projects that such traffic will increase 13-fold between 2012 and 2017. The report further projects that the number of mobile-connected devices will surpass the
worlds population in 2013. Secure content mobility solutions will become increasingly necessary to allow business and consumers to securely access and share data, potentially across multiple network-enabled devices to include smartphones and
tablets. The content delivery model will include solutions like TappIn that provide access directly to and from on-premises or personal devices, with those solutions possibly interoperating with cloud-based data repositories.
Strategy
Our Total Path Security framework encompasses protection of data in motion and at rest. We intend to build upon our leadership position
in the MFT market to provide businesses, other organizations, and individual users with the solutions necessary to meet their growing need for secure information exchange within the Total Path Security framework. From our perspective, more fully
addressing this need for secure information exchange requires consideration of capabilities beyond traditional MFT, including managed e-mail attachment, cloud-based, and remote access security solutions. We believe we must consider ongoing,
fundamental changes in customer technologies and processes, such as the rapidly increasing use of mobile devices, including Bring Your Own Device, or BYOD, aspirations, in the workplace.
5
Our strategic focus continues to center on:
|
|
|
Entering and establishing leadership in broader information exchange markets while maintaining leadership in the MFT industry.
|
|
|
|
Growing recurring revenue.
|
|
|
|
Developing and enhancing our software solutions.
|
|
|
|
Entering and extending our presence in the secure content mobility market.
|
|
|
|
Increasing international sales through third-party distributor channels.
|
|
|
|
Growing enterprise and government sales, and
|
|
|
|
Developing our corporate brand and market recognition.
|
Entering and Establishing Leadership in Broader Markets
Gartner and
International Data Corporation (IDC) have stated that the annual MFT market is in excess of $700 million. We are a leader in MFT products and services. In 2012, we achieved one of the highest ratings in the latest Managed File Transfer
(MFT) Vendor Landscape Report from Info-Tech Research Group. The report designated GlobalSCAPE a Champion in its Vendor Landscape matrix and awarded the Company Exemplary Performer status in both security strength and ad hoc
file transfer capabilities. Info-Tech Research Group evaluated criteria such as strategy, viability, sales and support reach, and channel partner programs. We scored high in all categories, earning the ranking of Champion. Their
evaluation of our strategy garnered one of the highest possible scores due in part to our TappIn product line and our approach to mobile file access. Also playing a role in our rating was the assessment of our EFT Enterprise Edition, one of our
primary MFT solution products. EFT Enterprise Edition was commended for its ability to meet advanced security requirements, its flexible deployment options and our responsive customer support. We also received the highest marks for our available
features and flexible system architecture.
We also were in the leaders quadrant of the
Gartner Magic Quadrant for
Managed File Transfer
in 2011 and 2010, the latest years for which Gartner published this magic quadrant. With MFT capabilities increasingly being integrated into business-to-business, or B2B, gateway, data integration, service oriented
architecture, and other technical solutions, we believe the market will continue shifting toward consideration of MFT as more of a feature than a solution. This shift may take many years, but we believe early recognition of the trend and
appropriate strategic planning increase our potential for evolving our solutions in front of the ongoing market changes. We have begun to address this shift in a number of ways.
We offer services to the much larger, and adjacent, cloud services market with our Managed Information Xchange, or MIX, and Hosted
Enhanced File Transfer solutions. Gartner, a notable industry analyst, estimated the cloud computing market would grow from an estimated $109 billion in 2012 to approximately $207 billion by 2016. This market includes categories such as
infrastructure-as-a-service, management and security, and SaaS. Our partner agreements with hosting providers such as Rackspace and Peer 1, and the proven, modular capabilities of our EFT solution suite, provide us a straightforward path for
delivering our products and technology to specific segments of this market
Our Secure Ad Hoc Transfer module, or SAT module,
is designed for companies needing an out-of-the-box solution to exchange files without the problems typically associated with having to manually create temporary FTP accounts, accept the size limitations and security issues of regular email, or
contend with the time delays and high costs of overnight and physical shipments. The SAT Module works in conjunction with our EFT solution and allows users inside an enterprise to send and receive files of any size to and from recipients outside the
organization with secure authentication, non-repudiation and auditing capabilities. We have added other adjacent-market capabilities, such as business automation, to the EFT software also through our modular solution architecture. These capabilities
are helping to underpin the consistent growth in revenue from the EFT solution
6
suite. In addition, our Mail Express solution was recognized by Info Security Products Guide as a Global Excellence Award winner in February 2012 in the Email Management and Security
category. We believe strengthening our ad hoc file transfer solutions remains a key strategy element and we intend to pursue solution enhancements in this area in future periods. Our secure content mobility competencies provide a potentially
compelling complement to traditional MFT capabilities, including ad hoc file transfer solutions. We have developed a secure mobile access module for our EFT solution as an initial point of integration with our TappIn technology. We regard secure
content mobility potentially as a unifying concept for our solution portfolio given the central position and importance of content (i.e., data and information) in the market drivers for our solutions. We intend to further integrate our solution
capabilities, for example as demonstrated by the February 2013 integration of Mail Express functionality as a module within the EFT solution suite, to take advantage of potential synergies and strengths across our solution portfolio, while also
possibly simplifying our marketing and sales processes.
We believe that building on our MFT capabilities provides a clear
opportunity to increase our average transaction size and repeat business through greater scalability, business integration, and application of professional services to support implementation planning and execution. Our enterprise solutions, such as
EFT Enterprise, have increased considerably in capability over the years. The add-on modules available for EFT Enterprise and increased technical performance for other offerings in our portfolio provide a strong platform for greater business
adoption and integration of our solutions. We believe continued focus on capabilities necessary for even broader B2B applicability, including appropriate treatment of evolving secure content mobility requirements, is a key strategic opportunity for
our future business operations.
With MFT capabilities increasingly being integrated into B2B gateway, data integration,
service oriented architecture, and other technical solutions, the need to keep evolving our solutions and entering adjacent markets also is clear. We continue to believe the market will shift toward consideration of traditional MFT as more of a
feature than a solution. This shift may take many years, but we believe early recognition of the trend and appropriate strategic planning increase our potential for evolving our solutions in front of the ongoing market changes.
Growing Recurring Revenue
Recurring revenue includes M&S contracts and subscriptions for our cloud-based managed and hosted solutions. In the broadest sense, delivery of labor hours on long-duration professional services
contracts also fits within this growth strategy because such contracted sales provide a book of sold business that will be recognized as revenue in future periods with some revenue from these labor contracts potentially visible even two
or three years in the future. We believe increasing recurring revenue provides greater predictability of revenue in future periods and a stronger hedge against future business or broader economic downturns.
We believe execution of this strategy element potentially could provide greater predictability of revenue in future periods and a
stronger hedge against future business (or broader economic) downturns. Currently, the largest component of our recurring revenue is from M&S contracts which grew 20% or more in both 2012 and 2011 compared to the prior year. We intend to focus
on delivering continued growth in deferred revenue, while assessing market traction for the full range of our solutions on an ongoing basis. From this perspective, deferred revenue may continue to grow in absolute terms, and as a percentage of total
revenue, for some period of time, depending on the relative future growth rates of all of our solutions.
As discussed under
Key Business Metrics in Managements Discussion and Analysis of Financial Condition and Results of Operations, subscription sales may change the trajectory of our prior revenue growth. We believe that due to its
compounding effects, subscription revenue potentially can grow more quickly and significantly than software license revenue and create increased operating margins.
7
Developing and Enhancing Our Solutions
We have allocated significant resources to enhancing and developing our solutions in recent years. This strategic focus has delivered
substantially more capable releases of our Enhanced File Transfer, WAFS and Mail Express solutions, plus our cloud-based offerings, TappIn mobile file access and monitoring products and professional services. We intend to maintain our focus on
developing our solution portfolio and, as appropriate, enhancing our existing solutions.
Our solution portfolio may evolve
over time, for example, through development of new offerings in adjacent markets or through acquisitions. We maintain an active research and development program and work closely with partners and others in the industry to identify new solution
opportunities. As an example, we began our first original equipment manufacturer, or OEM, partnership with Network Automation in 2008, embedding Network Automations AutoMate product as the Advanced Workflow Engine, or AWE, module to our
Enhanced File Transfer Server solution. During 2010, we expanded our partner agreement to become a worldwide reseller of Network Automations software solutions, AutoMate and AutoMate Business Process Automation Server. Over the past three
years, we have partnered with hosting providers (including Rackspace Hosting) to deliver the MIX and Hosted EFT Server solutions. Also, in December 2011, we acquired the TappIn secure content mobility technology.
As we evolve our solution portfolio, we intend to maintain an appropriate balance between legacy and new solutions, including making
choices about transitioning, sustaining, or retiring solutions as necessary to best operate under prevailing business conditions. Transitioning or sustaining solutions may involve consolidating capabilities within our solution portfolio, releasing
upgrades in response to market or customer needs, or making bug fixes in accordance with our communicated End of Life, or EOL, Policy. We also may phase out solutions periodically in accordance with the EOL Policy.
Entering and Extending our Presence in the Secure Content Mobility Market
In December 2011, we entered the secure content mobility market with the acquisition and introduction of our TappIn product line. Secure
content mobility provides users with the ability to easily and securely access and share data and information using a web-browser, tablet or other mobile device such as a smartphone. Secure content mobility integrates aspects of ad hoc file
transfer, broader MFT capabilities, cloud services, and remote accessibility to address growing market demand for secure, anytime and anywhere, device-independent access to distributed content.
We believe the addition of secure content mobility capability to our portfolio potentially has profound implications due to the
continuing growth of tablet computers and smartphone sales and their increasing adoption by business users. While storing and accessing data in a cloud environment is viable in many circumstances, we believe there also is a significant demand in the
marketplace for the ability to access data in a manner similar to that offered by cloud computing but with the data being accessed and stored within the security of computers, servers or data centers owned by or dedicated solely to a particular
individual or enterprise, rather than in the cloud. Many of our customers already using our EFT Server and other products have expressed a desire to have the flexibility to access their data or monitor the status of their MFT activities from
anywhere using a tablet computer or smartphone and security protocols at least equivalent to that offered by our EFT Server and other products. Our TappIn technology, if further developed, potentially can provide that accessibility. Therefore, we
intend to expand and enhance the TappIn capabilities and appeal for enterprise customers.
TappIn currently supports the
consumer users needs by providing the capability to access data stored on the users personal computer, network attached storage or similar device from a remote location using a tablet, smartphone or other network-enabled device. There is
demand in the marketplace for this capability in light of concerns about the security of personal data when it is stored in the cloud. We are accessing this market through direct sales of the TappIn application to consumers through our website and
by partnering with major storage device manufacturers who will ship their products pre-configured with TappIn capabilities.
8
Increasing International Sales Through Third-Party Distributor Channels
We have added several channel partners in recent years and also organized our sales force and associated sales processes, to more
effectively support our partner network worldwide. Channel partners resell, distribute, or integrate our solutions. These channel partners provide us with additional opportunities to penetrate deeper into existing markets and enter new sales
territories.
Channel sales can help us establish a lower-touch delivery model through which we train and provision the
partners to sell and distribute our solutions. We leverage this approach to reduce our over cost of marketing and selling our solutions in geographic areas where it would be costly to establish a presence with our own employees. To facilitate this
approach, we host channel partner conferences to provide a forum for exchanging ideas and delivering partner-specific sales education and training. We currently derive approximately 88 percent of our sales from the United States, United Kingdom,
Canada, and Australia. Achieving an additional presence in regions we do not yet serve to any notable degree could increase our sales in future years.
Growing Enterprise and Government Sales
GlobalSCAPE conducts
business with thousands of businesses around the world. We provide solutions to some of the worlds largest banks, insurance companies, healthcare providers, automakers and film companies. We intend to continue penetrating large enterprise
firms with our expanding solutions and services.
Government sales, particularly large contracts from the U.S. Army, have had
a significant positive impact on our growth and market image since 2007. However, these large contracts also have caused significant swings in our financial results. We are focused on more deliberate growth in government sales, including software
and associated services, potentially augmented by occasional large product orders.
We have a contract with the U.S. Army to
support the Standard Army Maintenance System-Enhanced (SAMS-E) logistics program. This is the fourth large U.S. Army contract for GlobalSCAPE since 2005. This contract extends through September 2013. It is a sole source contract for $1.35 million,
which we will recognize as revenue in equal monthly installments over that term. Under this agreement, we will continue to provide maintenance and support to previously purchased software licenses, including the Enhanced File Transfer Server
solution and CuteFTP Pro managed file transfer application. GlobalSCAPE solutions enable the SAMS-E program to maintain compliance with federal and U.S. Army and information security regulations as a result of our product certifications that include
Federal Information Processing Standards (FIPS 140-2) and the U.S. Army Certificate of Networthiness.
Developing our Corporate Brand
GlobalSCAPE traditionally has been better known for CuteFTP than as a corporate brand. We have an ongoing initiative
to elevate our corporate profile under the GlobalSCAPE brand. We use internal resources as well as outside marketing, communications and investor relations professionals to support this work.
We have participated in numerous analyst briefings and investor conferences that have increased our recognition within the investor and
analyst communities. We have revised our website, logos, and other areas reflecting our corporate brand. Through these activities, we have established a more consistent, recognizable brand that may better support future growth and market visibility.
We believe we have continued to enhance our brand through additional national and regional attention resulting from the
numerous corporate awards we have received including:
|
|
|
In 2012, the San Antonio Business Journal named us one of San Antonios fast track companies for revenue growth.
|
9
|
|
|
In 2012, we also were named one of the top 50 companies in the San Antonio Express-News Top Workplaces for the third year in a row.
|
|
|
|
In 2012, we were named one of the Best Places to Work by the San Antonio Business Journal for the third year in a row.
|
|
|
|
In 2011, Computerworld named GlobalSCAPE on its list of 100 Best Places to Work in IT for the second year in a row.
|
|
|
|
In 2012, Texas Monthly named GlobalSCAPE one of the best companies to work for in Texas for the third year in a row.
|
We were also named Software Magazines Software 500 ranking of the worlds largest software and service providers, now in its
29th year. The Software 500 is a revenue-based ranking of software and services suppliers targeting medium to large enterprises, their IT professionals, software developers, and business managers involved in software and services purchasing.
The ranking was based on total worldwide software and services revenue for 2010, including revenue from software licenses, maintenance and support, training and software-related services and consulting.
In addition to these corporate awards, we were named to Deloittes Technology Fast 500 for 2010 and 2009, a ranking that recognizes
the fastest growing technology, media, telecommunications, life sciences and clean technology companies in North America on the basis of five-year revenue growth. We believe our corporate, financial, and technical awards in aggregate increase our
market visibility and provide a stronger basis for continued development of the GlobalSCAPE brand.
Software Products
Managed File Transfer Products and Solutions
Our MFT products and solutions help users securely move and copy files on the Internet. FTP, along with more secure protocols such as SFTP, FTP/S, and HTTP/S, requires a client program to start a transfer
and a server program to accept the connection. A substantial portion of our revenues is derived from licensing our file management products, especially the EFT solution.
In 2012, we achieved one of the highest ratings in the latest Managed File Transfer (MFT) Vendor Landscape Report from Info-Tech Research Group. The report designated GlobalSCAPE a Champion in
its Vendor Landscape matrix and awarded the Company Exemplary Performer status in both security strength and ad hoc file transfer capabilities. Info-Tech Research Group evaluated criteria such as strategy, viability, sales and support
reach, and channel partner programs. We scored high in all categories, earning the ranking of Champion. Their evaluation of our strategy garnered one of the highest possible scores due in part to our TappIn product line and our approach
to mobile file access. Also playing a role in our rating was the assessment of our EFT Enterprise Edition, one of our primary MFT solution products. EFT Enterprise Edition was commended for its ability to meet advanced security requirements, its
flexible deployment options and our responsive customer support. We also received the highest marks for our available features and flexible system architecture.
Server-Based Managed File Transfer Software Solutions
Our server
software solutions are designed to provide businesses with increased file transfer security, automation, and performance when compared to traditional FTP-based and e-mail delivery systems. Our server solutions offer substantial ease-of-use
advantages compared to competitive products. Each provides two-factor authentication, enhanced visibility and monitoring of file transfers, support for IPv6, and additional security enhancements. These products are common, scalable solution
platforms that accommodate a broad family of add-on modules to support the users complex information sharing needs. For flexibility, these products preserve backward compatibility with our early version solutions.
10
Enhanced File Transfer Standard Edition (EFT Standard Edition)
. Our EFT
Standard Edition solution complements CuteFTP Pro (further described below) and other third party FTP clients by enabling encrypted transfers using SSL, SSH2 and advanced S/KEY password encryption. When used with CuteFTP Pro, EFT Standard Edition
offers a complete digital certificate management system giving system administrators the ability to manage digital certificates as well as initiate back-end processes with other customer systems. The latter functionality can be used as a partial or
total replacement for more complex, enterprise-level electronic data interchange systems. Additional features include remote management capability, the ability to operate multiple FTP sites with unique user management from a single server and the
ability to manage user accounts with advanced settings for maximum security and control. EFT Standard Edition is integrated with a Secure Mobile Access, or SMA, module that uses TappIn functionality to allow authorized mobile users to view files on
EFT.
EFT Standard Edition supports add-on modules and software such as the Auditing and Reporting module, High-Security
module, OpenPGP module, Web Transfer Client, Secure Ad hoc Transfer module, DMZ gateway, and FIPS 140-2 validated cryptographic libraries.
Version 6 of EFT Standard Edition and CuteFTP Pro Version 3.1 also received the Certificate of Networthiness from the U.S. Army Network Technology Command (NETCOM) during 2009. Our receipt of this
certificate enables Army installations worldwide to install and operate these server and client-based secure information exchange solutions. The availability of add-on modules, and migration to a common software code base with EFT Enterprise Edition
have dramatically increased the capabilities of EFT Standard Edition as compared to the legacy Secure FTP Server.
Enhanced
File Transfer Enterprise Edition (EFT Enterprise Edition)
. EFT Enterprise Edition is an enterprise file server, building on the base features of EFT Standard Edition. EFT Enterprise Edition supports large-enterprise installations and
is compatible with our AWE module. The AWE module provides over 200 built-in drag and drop workflow actions, including sending SNMP traps, communicating with mainframe computers, redirecting or relocating files, integrating SQL and XML
capabilities, and executing third-party applications, custom programs, and batch files.
EFT Enterprise Edition also supports
the Applicability Statement 2 (AS2) protocol, encrypting file system (EFS), the
multi-site
(and multi-platform) version of DMZ Gateway, two-factor authentication, active directory administration, Oracle DBMS, Microsoft SQL and many more
enterprise capabilities. In November 2012, we released our Business Activity Monitoring (BAM) dashboard as an additional module available for use with EFT Enterprise Edition. The BAM dashboard is designed for both technical and business
users requiring monitoring of business transactions. The BAM software provides an overview of transactions involving sensitive data transfers such as currency exchange, shipments and deliveries and other sensitive data transfers. Screen views
provided by the BAM dashboard are customizable by the user to display transactions in a manner responsive to their business needs.
Both editions of our EFT solution provide two-factor authentication, enhanced visibility and monitoring of file transfers, support for IPv6, and additional security enhancements. In February 2013, we
announced the general availability of EFT Standard 2013 and EFT Enterprise 2013 (collectively EFT 2013). The EFT 2013 release provides a significant update to the EFT Standard and Enterprise Editions. Some of the top improvements for EFT 2013
include full Unicode UTF-8 integration which allows data exchange in any language, improved support for implementations with hundreds of thousands of accounts, expanded administrative visibility and control of ongoing data transfers, and full
support for Microsoft Windows Server 2012 and Microsoft SQL Server 2012. In addition, EFT 2013 includes tight integration with our Mail Express solution, allowing users to exchange large or sensitive files securely via email attachment. This new
integration with Mail Express allows administrators to achieve even higher levels of efficiency and visibility than prior versions, through common auditing, reporting, and event rule processing.
11
CuteFTP
CuteFTP is a client side software product, installed on a users local computer, that enables file transfers from or to an FTP server. The target market for the CuteFTP product
includes corporate IT professionals who use it to transfer data between locations via the Internet and individual Web site operators who use it to upload their Web pages to their Web hosting provider, among others. CuteFTP simplifies use of file
transfer protocols presenting a user-friendly, graphical user interface that allows users to drag and drop files between computers, rather than requiring those users to interact directly with the underlying technical processes and
protocols. CuteFTP has won several awards, and has been favorably reviewed over the years in leading online and print trade journals, as being one of the most powerful, easy-to-use file transfer protocol program available. We offer CuteFTP in
English, German, French, Spanish, Japanese, Traditional and Simplified Chinese, Russian, Portuguese and Turkish.
CuteFTP
incorporates standards for encrypting data during transport and at rest, accelerating transfer of large files, and automating common file transfer tasks. It includes various features attractive to advanced users such as multi-part and concurrent
file transfers to maximize transfer speed, additional secure protocols, scheduled file transfers, automated site backups and scripting ability for automating FTP tasks. CuteFTP has been favorably reviewed by leading online publications including
CNets Download.com and PC Review.
We released our current CuteFTP Version 9 in November 2012. The Version 9 release
includes a number of updates, including support for Unicode (UTF-8) characters that will allow greater international use and Web Distributed Authoring and Versioning (WebDAV) support to facilitate collaboration between users in editing and managing
documents and files stored on World Wide Web servers. In creating the Version 9 release, we also simplified our CuteFTP product line by consolidated all the features of our previous multi-product CuteFTP product line for Windows operating systems
into the single new version. We also continue to offer CuteFTP Version 3.1 software for Mac platforms.
Wide-Area File Services and
Continuous Data Protection Solutions
Our Wide Area File Services, or WAFS, software provides a file sharing,
collaboration, and replication solution over multiple sites. WAFS technology can have our Continuous Data Protection (CDP) product added to provide enterprises with a file access and data protection combination that centralizes data
storage and IT administration facilities but doesnt compromise data sharing and protection.
Wide Area File Services.
Our WAFS software delivers a unified and accelerated file access system, instant
file-sharing and server-to-server mirroring across any distance, with full coherency and at near-LAN access speeds. WAFS delivers a true, wide area file solution for collaboration. Continuous, real-time multi-directional acceleration and mirroring
technology ensures that data exists in multiple places simultaneously and in complete synchronization, no matter where a change in any file is made. The data is mirrored between servers on the LAN, virtual private network, or across firewalls in
real time, with full support for file locking ensuring coherency. Our WAFS product ensures bandwidth efficient WAN utilization and that users have access to the most recent data. The off-line mode ensures continued data access in the event of WAN or
server outage. Our WAFS software is easy to deploy and manage remotely. It supports Autodesk
®
Revit
®
Architecture construction and design application. Most recent feature enhancements include compatibility with
Unicode character sets (which are encountered more frequently in international sales opportunities), and Local Sync, a feature that allows users to rapidly synchronize data while also simplifying implementation.
In April 2012, WAFS won the Network Products Guide 2012 Best Products and Services Awards in the Social Media, Networking or
Collaboration Solutions category. These awards highlight the best products and services, roadmaps, industry directions, technology advancements, and independent product evaluations of the year.
12
CDP
. Our CDP continuous backup software transparently and continuously captures data
from local and remote servers, eliminating the backup window and restoring data rapidly. Our software-only solution supports the ability to backup any number of branch servers or remote laptops to one or more centrally located systems. As files
change, file servers backup in real time to the customers backup site which can be at the same or a remote location. The backup server can keep any number of past versions of each file (and deleted files) which gives the customer immediate
restore, as well as the ability to perform point-in-time snapshots. Bandwidth requirements are minimal since only file differences are transferred to the backup system.
Managed E-mail Attachment Solution
Not all customers want to use
FTP, or even traditional MFT solutions, to transfer large files. Some customers prefer using their familiar e-mail application to send and receive large files such as images, video, data files, etc. However, e-mail traditionally has been ill-suited
to delivery of certain attachments due to typical infrastructure and administrator-defined limitations on e-mail attachment size. In many cases, these limitations preclude sending or receiving e-mail attachments larger than 10 to 20 MB.
Mail Express is a software add-in (also sometimes referred to as a plug-in) compatible with Microsoft Outlook. The add-in transparently
redirects e-mail attachments, up to 25 GB in size, for delivery in accordance with administrator-defined policies. Attachments specified in the policy (for example, by type or size) are replaced in the e-mail message with a hyperlink. The files are
transferred securely to the Mail Express server. The e-mail recipient clicks the hyperlink and is able to download the files from the Mail Express server using standard web-based download procedures with all communications using HTTPS (SSL or TLS
encryption). This approach can ease the load on the e-mail infrastructure and the long-term storage requirements associated with e-mail attachments. Mail Express also allows enhanced tracking and auditing of the file attachments through read
receipts and log files. Mail Express requires little or no user training because the add-in is transparent from the perspective of the sender and the recipient is able to use a familiar web browser for downloading the attachments.
Mail Express provides two-way file sharing and collaboration, an optimized administrator experience through enhanced workflow in the user
interface and a simplified deployment process. It provides a secure environment by supporting communication through the GlobalSCAPE DMZ Gateway. This DMZ Gateway support allows customers to implement Mail Express behind a demilitarized zone (DMZ)
firewall, providing an added layer of protection for data storage and retrieval, user authentication, and firewall traversal. The Mail Express Internal Web Portal provides full Mail Express functionality via a standard web browser to customer
employees who may not use Microsoft Outlook as their primary mail client. Other key features of Mail Express include support for Microsoft Outlook and Exchange 2010, improved performance, and optimization when interacting with anti-virus software,
and ease of scalability.
In February 2013, we announced the general availability of Mail Express Version 3.3. In addition to
the integration with EFT 2013, the new Mail Express includes a number of enhancements including:
|
|
|
More flexible language support through which users can specify a language by message or globally with full localization.
|
|
|
|
An administrative view of all connected clients with the client dashboard.
|
|
|
|
The ability to require recipients to login to pick up files with user authentication.
|
|
|
|
A single-sign-on capability that allows users to automatically login to the Mail Express Internal Web Portal using Windows credentials.
|
13
Mail Express awards and recognitions include:
|
|
|
In March 2012, Info Security Products Guide recognized Mail Express as the winner of the 2012 Global Excellence Award in the Email Management and
Security category. The 2012 Global Excellence Awards attracted entries from all over the world with more than 50 judges from a broad spectrum of industries determining the winners.
|
|
|
|
In April 2012, Mail Express was named a finalist in the Network Products Guide 2012 Best Products and Services Awards in the Email, Security, and
Management category.
|
Data Backup and Recovery Solution
In 2011 we released CuteBackup, a data backup and recovery software solution, compatible with Windows operating systems, aimed at helping
consumers and small business owners avoid a data loss catastrophe. The scalable, automated solution gives home and small business computer users complete backup and recovery protection, with an intuitive setup wizard that enables a simplified,
effective way of securing data. CuteBackup also offers Boot Corrector protection that can reboot the system and subsequently correct most common issues if the computer crashes and fails to restart. Additional features include automated
backup routines and selective restores. CuteBackup is powered by Paragon Software Groups Backup and Recovery 10 Suite.
Endpoint
Security Solution
We had planned to enter the endpoint security market through development of appShield, a software
application control, or whitelisting product. The appShield product was being developed under a Joint Development and Reseller Agreement between GlobalSCAPE and CoreTrace Corporation. In November 2012, CoreTrace Corporation sold substantially all
its assets to an unrelated third party resulting in CoreTrace ending its development work on appShield. This action provided us possession of the appShield source code while sustaining our prior appShield-related license rights. The notable
resulting change is that we now have the right to sell products based on the appShield source code with no royalty obligation to CoreTrace Corporation or any other party.
The consumer application control market has matured significantly since appShield product development began in 2009. That situation necessitates additional development work, which possibly could be
significant, to bring appShield to market. We are investigating whether to further develop this product on our own, engage others to continue the development for us, or sell the appShield rights to another party. We therefore have no date scheduled
for introduction of appShield to the market nor do we have specific plans to pursue introduction.
Maintenance and Support
We offer maintenance and support, or M&S, contracts to licensees of all of our software products. These M&S
contracts entitle the licensee to software upgrades and technical support services in accordance with the terms of our M&S contract. Standard technical support services are provided via e-mail and telephone during our regular business hours. For
EFT Server Enterprise and WAFS software, we offer a Platinum M&S contract which provides access to emergency technical assistance 24 hours per day 7 days a week.
Cloud-Based Services
GlobalSCAPE Managed Solutions
We have a partner agreement with Rackspace Hosting, Inc., a world leader in the hosting and cloud computing industry that began in 2010.
We have a similar agreement with PEER 1 Hosting to meet the growing European demand for our services. Through these relationships, GlobalSCAPE delivers cloud-based, managed
14
file transfer solutions for the secure exchange of business-to-business data, including large files and sensitive data. Our cloud-based solutions allow customers to outsource all or part of their
complex and demanding information exchange needs to reduce costs, improve operational efficiencies, track and audit transactions, and provide a greater level of security. We offer our cloud services capability in the United States, as well as in the
United Kingdom and Canada, to support solution delivery in instances where country-specific compliance requirements may necessitate in-country delivery of the services.
Managed Information Xchange
. Our Managed Information Xchange, or MIX, service delivers a hosted and managed MFT solution that enables cost effective, secure exchange of business-to-business data,
including large files and sensitive data. MIX is a fully GlobalSCAPE-managed solution for companies seeking complete support for the contracted services. The tiered service allows customers to outsource all or part of their complex and demanding
information exchange needs to reduce costs, improve operational efficiencies, track and audit transactions, and provide a greater level of security. Available solution tiers range from trial and proof-of-concept implementations to enterprise-scale
managed services.
Key benefits and features of the Managed Information Xchange offering include:
|
|
|
Pay as you go, flexible pricing that helps customers eliminate upfront capital expenditures.
|
|
|
|
Reduced ongoing maintenance expenses, including hardware, software, personnel, utility services, and backup costs.
|
|
|
|
Improved IT infrastructure reliability and performance enabled by the Rackspace and Peer 1 global infrastructure and other partner capabilities.
|
|
|
|
Easy and rapid deployment with scalable processing and storage capabilities.
|
|
|
|
The market-leading features and security capabilities of our EFT Server solution adopted by thousands of customers worldwide.
|
|
|
|
Operation of the cloud-based secure file transfer capability by our technical resources, in accordance with service level agreements.
|
We introduced our MIX solution in mid-2010. In 2011, Info Security Products Guide recognized MIX as the
winner of the 2011 Global Excellence Award in the Cloud category. The Info Security Product Guide recognition, together with previous awards received for EFT Server, broadened our portfolio of industry and market validations for our cloud-based
solutions.
Hosted Enhanced File Transfer Server
. In 2011, we introduced our Hosted Enhanced File Transfer Service.
This service expands our cloud-based solution portfolio by integrating a hosted version of our market-leading EFT Server solution with Rackspace Hosting, Peer 1 and other partner infrastructure. While this scalable and tiered service is structured
for the small-to-medium business, or SMB, market, it allows customers of all sizes to outsource all or part of their complex and demanding secure information exchange needs. Through such outsourcing, customers can greatly reduce costs, increase
efficiencies, track and audit transactions, and provide a greater level of security and compliance, at affordable price points. The Hosted EFT Server offering delivers these benefits while allowing direct customer management of the EFT Server
solution (as contrasted with the fully managed MIX service)
Software as a Service Solutions
SaaS delivers a software application over the Internet, or across other networks, to users on an on-demand basis. The SaaS delivery model
allows central administration and maintenance of the application with user access provided through a provider hosted website. SaaS appeals to many prospective customers because it uses cloud computing approaches in which the customer does not need
to install special software on the computer systems accessing the application. SaaS eliminates the need for the customer to purchase, install and maintain servers and other IT infrastructure to use and maintain the software.
15
Our SaaS solution, CuteSendIt, is a file transfer service for individuals, professionals,
and businesses. CuteSendIt uses cloud computing approaches to deliver files through a hosted web portal. This solution approach meets the needs of users who do not have, or wish to invest in, file transfer infrastructure such as FTP servers or
client application software. The solution scales from single-user to multi-user licensing with varying file transfer capabilities based, for example, on a maximum number of files, the aggregate data volume for files transferred each month or the
amount of long-term online storage required for the files.
Users access the CuteSendIt application over the Internet using a
standard web browser, securely upload files (up to multi-GB) through the portal and compose a brief message to accompany the file delivery. CuteSendIt then sends the message to the recipients as the body of an e-mail message. This e-mail message
also includes links to the files uploaded through the CuteSendIt web portal. Anyone with an Internet connection can access this service at www.cutesendit.com. There is no software to install with CuteSendIt, and no specific knowledge of file
transfer is needed to use it.
Secure Content Mobility Solution
We believe secure content mobility is a rapidly emerging central feature of our served markets, including our primary MFT market.
Exponential growth in smartphone and tablet sales and adoption, combined with rapid growth in retained content and BYOD expectations, will drive strong growth in this market segment. We acquired TappIn, Inc. in December 2011 to provide us with
initial entry into the secure content mobility market.
The TappIn GlobalSCAPEservice provides the ability to easily and
securely access and share documents, pictures, videos and music anytime, anywhere while eliminating or minimizing the storage of data in the cloud and the associated security and privacy concerns. From the office, at home, or on the road, customers
can Tapp In to their files, stored in multiple locations, using any web browser and most Internet-enabled mobile devices (including Apple iPhone and iPad, Google Android and Windows Phone and Kindle Fire). With TappIn, users can avoid
uploading and/or syncing to a cloud storage location and eliminate the need to pay for additional cloud storage. Instead, the TappIn service securely accesses the users existing in-house storage devices (such as a desktop computer, in-house
network servers or network attached storage devices), allows sharing files of any size and provides encryption to safeguard content.
The TappIn GlobalSCAPE service incorporates elements of on-premises software, cloud and SaaS delivery models. Unlike other remote access products that can consume significant amounts of storage capacity
on a smartphone or tablet, TappIn makes content available through a secure pathway that gives users access to files on their existing in-house storage devices without having to download those files to their mobile device. This delivery method not
only saves storage space on the mobile device but also ensures content remains secure and private on the users existing in-house storage devices.
We first offered these secure content mobility capabilities through our TappIn Standard Edition. In October 2012, we introduced TappIn Professional Edition, offering additional features that build upon
our TappIn Standard Edition. These additional features include:
|
|
|
Administrative capabilities that enable businesses (and their system administrators) to manage groups of users associated with the TappIn Professional
Edition subscription.
|
|
|
|
An OnTapp capability that allows subscribers to access and share files when their permanent storage device is turned off or in sleep mode
by storing selected files, for a user-defined period of time, in a transactional cloud repository without modifying the ongoing ability to access files stored on the users existing in-house storage devices.
|
|
|
|
Integration with Salesforce.com that enables access to information stored within a Salesforce.com account through the same interface used to access
content stored on the users existing, in-house storage devices.
|
16
The TappIn mobile file access capabilities are integrated with our EFT Server solution. The
Secure Mobile Access Module allows businesses and IT departments to better support the rapidly growing BYOD trend.
TappIn
solutions are available through direct sales and channel partners. TappIn enables channel partners to provide end-users with secure mobile access to rich-media content. TappIns OEM strategy is geared toward three major technology categories
hardware devices, content security software and SaaS providers, and carriers and network operators and is designed to provide industry leading secure access and file sharing capability. Hardware manufacturers may preload certain levels
of TappIn functionality on their hardware devices. Customers who purchase those devices are presented the TappIn solution and provided the opportunity to upgrade to a higher service level such as upgrading to the Professional Edition from the
Standard Edition or to the Standard Edition from trial usage.
We have established OEM relationships with hardware
manufacturers such as QNAP, Seagate, and most recently, Scale Computing. We also have been selected by SnappCloud as one of the preferred secure file access and sharing solutions for all Toshiba product users and OEM partners. In the area of content
security software, we have signed an agreement with ESET, a leading provider of anti-virus software, under which ESET will offer TappIns secure content mobility solution to customers wanting remote access and file sharing capability.
Most recently in the area of SaaS and hosting services providers, we announced an agreement under which the TappIn solution
will be included on the Rackspace Cloud Tools Marketplace. After downloading the TappIn solution, Rackspace customers will receive a 30-day free trial of the TappIn Professional Edition. Following the free trial period, customers can choose to
subscribe to either the Professional Edition or Standard Edition. These relationships, as well as other contracted and potential business arrangements, provide TappIn with direct access to well-established, synergistic, distribution channels.
TappIn has won numerous awards and accolades from leading industry authorities, including:
|
|
|
In December 2011, TappIn was selected as a Red Herring 2011 Top 100 Global award recipient, a prestigious recognition honoring the years most
audacious and far reaching private technology companies and entrepreneurs from across the globe.
|
|
|
|
In February 2012, the TappIn solution was recognized by Info Security Products Guide as a Global Excellence Award winner in the Software as a Service
(SaaS)/Cloud Solutions category.
|
|
|
|
In April 2012, the TappIn solution also was named a finalist in the Network Products Guide 2012 Best Products and Services Awards in the
Mobile/Wireless Solution category.
|
Professional Services
We offer a range of professional services to complement our software and cloud-based solutions. These professional services include
product customization and system integration, solution quickstart implementations, business process and workflow, policy development, education and training, and health checks. In addition, we may provide longer-term engineering
services, including supporting multi-year contracts, if necessary to support certain solution implementations and integrations.
Product Customization and System Integration.
Through our product customization and system integration services, we customize the branding, reporting, and administration capabilities of our solutions to meet specific customer requirements. Typical
deliverables include customized implementations, documentation for installations and customizations, and the installer programs necessary to install or reinstall the applicable solutions, drivers, and other software included in the customization and
systems integration project.
17
Custom Branding.
Custom branding services allow customers to incorporate logos,
different fonts, colors, hyperlinks, and additional text within the Web Transfer Client and the SAT module used with our EFT Server solution and Mail Express products.
Custom Reporting.
Custom reporting services leverage the flexibility and power of the Auditing and Reporting Module used with our EFT Server solution to deliver customer-specific formatting and
content using data tracked within the EFT Server solution. Custom reporting services also can provide customers with a web browser-accessible reporting module for the EFT Server solution. This module allows users to generate reports without
requiring administrative access to the EFT Server.
Custom Administration and System Integration
. Custom administration
and system integration services provide web-based administration and development capabilities for our EFT Server solution. A browser-accessible administrative module facilitates sub-domain administration of EFT Server through separation of duties.
The web-based user provisioning does not require full administrative access to the EFT Server and provides convenient access without the need to install client software. Other web services-based customizations expose much of the functionality within
the EFT Server component object model (COM) application programming interface (API). Exposure of the COM API allows integration with a customers existing IT infrastructure via open standards.
Solution Quickstart Implementation
Our Quickstart Implementation services accelerate implementation of our file transfer solutions within customer IT environments. Our engineers lead the product installation and configuration and provide
training and knowledge transfer to customer administrators. Quickstart Implementation services are available for the EFT Server, WAFS, and Mail Express secure information exchange solutions. Typical deliverables include requirements documentation,
implementation plans, and configuration documentation.
Business Process and Workflow
Business Process and Workflow services include workflow site surveys and implementation of the AWE Module used with our EFT Server
solution. The workflow site surveys assist customers with documenting business processes as they pertain to information delivery and sharing associated with file transfers. Typical deliverables include business process documentation for file
transfers, recommendations for process automation, workflow implementation and use documentation, and installation of the AWE module for use with the EFT Server solution.
Policy Development
Policy Development services help customers
establish and implement file transfer policies that address regulatory requirements and comply with corporate policies. Typical deliverables include a map or census of existing file transfer policies, standards, and procedures, recommended
improvements based on our best practices and updated policy documentation with customer-approved improvements.
Education and Training
Education and Training services provide classroom and hands-on instruction for implementing, maintaining and optimizing our secure information exchange solutions. Intermediate and advanced classes cover
the use of our EFT Server solution. We also provide business process instruction tailored to the AWE module. We can deliver training at customer facilities or from our offices. Typical deliverables include the instruction hours plus training
materials and solution documentation.
18
Health Checks
Health Check services provide customers with periodic assessments, education, and training, to help them get the most value from our
solution implementations. These services also allow customers to more easily maintain currency with the latest versions of our software and with best practices for sustaining and enhancing the deployments.
Longer-Term Engineering Services
In addition to the previously described professional services, we have developed our capacity to deliver longer-term engineering services. Beginning in 2010 we have been a subcontractor on the McLane
Advanced Technologies (MAT) industry team supporting the U.S. Army Standard Army Maintenance System (SAMS-E) program. As part of the MAT industry team, we are providing professional and technical services to support the SAMS-E program, including the
EFT solution (known as Secure FTP Server before the release of Enhanced File Transfer Server 6 in early 2009) and CuteFTP solutions integrated into the SAMS-E environment. We have deployed several engineers onsite at the MAT facility. We continue to
adjust the size of this team as required to best support contract requirements. Our increased capacity to deliver longer-term professional services also may be applicable to the commercial sector as we work closely with our enterprise customers to
help them best sustain their secure information exchange solutions and infrastructure.
Sales and Marketing
We emphasize developing our direct sales staff and reseller channels to capture those sales through a high level of individual attention
to the customer. For example, sales of our more complex enterprise solutions, such as EFT Server, WAFS and Mail Express, sales to larger enterprises, and sales of managed solutions and M&S contracts are delivered by our direct sales staff and
resellers in an environment of personal interaction with the customer.
We provide our sales staff and resellers with training
and professional development opportunities to ensure they are capable of meeting the needs of our prospects and customers. These sales team development activities focus on technical and process-oriented topical areas to enhance their ability to
identify prospects, best position our solutions and develop pipeline opportunities into sales.
Our reseller and distributor
relationships allow us to increase our market reach, particularly when pursuing international sales. We have established such relationships within specific industries, such as the government sector, and in multiple geographies outside of North
America in, for example, Europe, Australia, Asia, Latin America, and Africa.
We also sell our file transfer client programs,
such as CuteFTP, as well as EFT Standard Edition, certain of our EFT solution add-on modules, and CuteBackup via download from our
www.cuteftp.com
website. Prospective buyers may use certain of our software products for free during an
evaluation period that is typically for thirty days. The programs are automatically disabled if a license is not purchased by the end of the trial period. Our software is also available for download from a variety of independent Internet software
sites such as CNets Download.com, as well as sites in Western Europe, Canada, Australia, and Asia.
We offer our TappIn
solutions for trial and subscription activation from our
www.tappin.com
website. As with our software solutions, prospective subscribers may use the TappIn service for free during an evaluation period. At the end of the evaluation
period, the TappIn service is automatically downgraded unless the prospective customer activates a paid subscription.
In
addition to the
www.cuteftp.com
and
www.tappin.com
websites, we also maintain a corporate website,
www.globalscape.com
.
Our corporate website provides a variety of sales and marketing information for our
enterprise solutions. The website also includes links to the
www.cuteftp.com
and
www.tappin.com
websites to facilitate cross-marketing and potential promotions.
19
The segmentation and re-launch of our websites, implemented in 2012, allows us to leverage
the websites for marketing communication activities oriented toward specific market segments. We continually update the design of our websites to be responsive to the evolving marketplace and to provide a more solution-oriented perspective of our
business, improve site navigation and provide additional opportunities for visitors to contact us through the websites.
The
websites also provide an effective means of facilitating certain post-sale customer support functions. To facilitate self-help for common inquiries and issues, we provide free customer support via searchable knowledge bases on our websites. We also
sell maintenance and support plans to customers requiring assistance from our support services team.
Our marketing activities
consist primarily of online paid advertising (for example, Google AdWords), improvement of natural search-engine results, marketing communications initiatives such as press releases and increased media outreach, and attendance at key industry trade
shows, such as the RSA Security Conference. We also provide an online chat capability that allows us to interact in real time or near-real time with visitors to our website. Our reliance on online paid advertising has declined in recent years as we
have transitioned to a more strategic business development and sales approach based on the personal interaction discussed above. We also have reduced our reliance on online paid advertising by conducting ongoing search-engine optimization to enhance
our ranking for particular key words in natural search results of major search engines.
Customers
Our solutions have been sold to most of the Fortune 100 companies. Our products have been sold into more than 150 countries. No single
customer accounts for more than 10 percent of our revenue.
We continue to derive most of our revenue from commercial
customers in the U.S., U.K., Canada, and Australia. Our primary commercial vertical markets include finance, health care, energy, retail, manufacturing, and engineering. We also have a customer base in the local, state, and federal government
spaces. We continue to pursue additional government business by leveraging our certifications and industry validations.
Seasonality
Our products are marketed to individuals as well as large organizations. As a result of this mix within our customer base, we typically have not experienced significant seasonality in our sales other than
a typical modest decline in first quarter sales as compared to fourth quarter results. We believe this seasonality is related to our continued growth as an enterprise solution provider operating in an environment where first quarter sales possibly
slow as prospective customers begin to execute their business activities, including purchases of our solutions, in accordance with new-year budgets and plans.
Network and Equipment
We have contracted with various network providers
for Internet access. Our arrangements provide for redundancy in the event of a failure, and also for expansion of available bandwidth in the event that there is a dramatic increase in demand. To protect critical customer data, GlobalSCAPEs
Internet shopping cart utilizes SSL encryption. We maintain technical and physical measures and procedures compliant with the PCI DSS. We use a certified Approved Scanning Vendor and to verify our compliance with the PCI DSS.
We have dedicated servers on and off site and expansion plans in place to allow rapid and cost effective scalability. Our offsite servers
and data backup procedures provide a warm backup to our onsite servers for contingency purposes. The backups are performed in accordance with our disaster recovery plan.
20
Research and Development
Our internal software engineers are responsible for software design, managing the development process, testing and quality assurance. We
utilize offshore developers for a portion of the coding phase of software development for certain products. Our use of external developers allows us to tap into a highly skilled labor pool, maintain a 24-hour development schedule, decrease time to
market, and minimize programming costs.
All phases of development, including scope approval, functional and implementation
design, object modeling and programming, are subject to extensive internal quality assurance testing. We maintain an ongoing focus on improving our quality assurance testing infrastructure and practices. Technical reporting, for example through
WinQual, and customer support feedback confirm the continuing positive effect of our ongoing enhancement of research and development and quality assurance processes.
In 2012, we expended $3.5 million on research and development of which we capitalized $330,000 with the remainder recorded as research and development expense. In 2011 and 2010, we expended $3.1 million
and $3.0 million, respectively, on research and development all of which was recorded as research and development expense with none capitalized. We expect to continue to increase our research and development spending in future years as we focus
improving our current products and introducing new products.
Competition
The file management, content management and Web development software market sectors are intensely competitive, subject to rapid change
and significantly affected by new product introductions and other activities of market participants. Our primary competitors vary by product.
We have limited information regarding the market shares of our solutions in their respective categories. Many of our competitors have substantially greater financial, technical, sales, marketing,
personnel, and other resources, as well as greater name recognition and a larger customer base than we do. Significant competition characterizes the markets for our traditional MFT products. We anticipate we will continue to face increasing pricing
pressures from competitors in the future. Given there are low barriers to entry into the software market, and the market is subject to rapid technological change, we believe that competition will persist and intensify in the future. For more
discussion on the risks associated with our competition, you should read the information under Risk Factors Risks Related to Operations.
EFT Standard Edition
. EFT Standard Edition competes against a limited number of secure, Windows-based FTP servers. We believe our primary competitors are products sold by Ipswitch,
SolarWinds (through their December 2012 acquisition of RhinoSoft) and JSCAPE. EFT Standard Edition has the advantage of leveraging the success of CuteFTP through product integration, offering proprietary extensions to the FTP protocol, and
cross-marketing efforts to an existing customer base. EFT Standard Edition also benefits from being part of our EFT platform, which includes add-on modules, including the DMZ Gateway solution, and an upgrade path to EFT Enterprise Edition.
EFT Enterprise Edition.
EFT Enterprise Edition competes in the managed file transfer server market. We believe
our primary competitors are Axway, Ipswitch, IBM-Sterling Commerce and Tibco (including through their acquisition of Proginet). EFT Enterprise Edition has the advantage of being very cost effective in its market and allowing customers to flexibly
evolve their MFT implementation by procuring add-on modules such as our DMZ Gateway and Advanced Workflow Engine solutions.
CuteFTP
.
CuteFTP exists in a highly competitive environment with numerous FTP software utilities available on the
Internet for both the personal and professional user. CuteFTP is positioned as one of the only secure FTP client programs that support a wide range of security standards related to the FTP protocol. We
21
believe our primary competitors are consumer file transfer solutions sold by Ipswitch, Inc., SolarWinds (RhinoSoft) and products offered by Van Dyke Software, Inc. CuteFTP was the
second Windows-based FTP client to market and is consistently among the most frequently downloaded FTP clients on popular download sites. CuteFTP Mac, our FTP client for the Macintosh platform, competes with products offered by Fetch Softworks,
Interachry, Nolobe Software Pty Ltd, and Panic, Inc.
WAFS.
WAFS competes in the Wide Area File Services/Storage
market. We believe our primary competitors are Riverbed, Blue Coat and Cisco, who are delivering proprietary appliances. We believe that WAFS has the advantage of being a software-only solution which leverages corporate infrastructure and
minimizes the total cost of ownership.
CDP.
CDP competes in the highly competitive continuous data protection
market. We believe our primary competitors are CA XOsoft, Vision Solutions, and Symantec (Veritas). We believe CDP has the advantage of transparently and continuously capturing data from local and remote servers, eliminating the backup window and
restoring data rapidly.
Mail Express.
Mail Express competes in areas of the file transfer market associated
with e-mail attachment offloading. We believe our primary competitors are Accellion, Tibco (Proginet), Leapfile and Biscom. Mail Express has the advantage of centralized policies for outbound file attachments and a transparent end-user
experience, which allows for rapid customer deployments. Mail Express also has the benefit of integration with our most recent EFT release which provides customers with a more uniform administration experience for e-mail attachment offloading and
traditional MFT operations.
Cloud-based Managed Solutions for Secure Information Exchange
. Our MIX and Hosted
Enhanced File Transfer solutions compete with MFT SaaS solutions. We believe our primary competitors are Ipswitch, Axway, IBM-Sterling Commerce, Thru, Inc. and Accellion. MIX and Hosted Enhanced File Transfer have the advantage of
leveraging cost effective, secure hosting and cloud infrastructures, as well as Enhanced File Transfer management services provided by GlobalSCAPEs experts.
TappIn
. The TappIn solution has direct competitors such as PogoPlug and FileTek. In addition, TappIn competes for mindshare in the market with pure-play cloud data repositories like Dropbox
and Box and with computer remote control solution such as Citrix Systems (GoToMyPC) and LogMeIn.
CuteBackup.
CuteBackup competes in a highly competitive, and even saturated, market for on-premises backup solutions. While there are few means of differentiation in such an environment, CuteBackup allows us to make opportunistic sales, particularly to
customers who visit our website for other solutions, such as CuteFTP, or who wish to contract with one vendor for multiple products (for example, for consistency of support).
CuteSendIt.
CuteSendIt competes in the SaaS segment of the file transfer market. There are a large number of competitors, but we believe our primary competition includes YouSendIt,
LeapFILE, Dilbert Files, DropSend, SendThisFile, Box and Pando. CuteSendIt has the advantage of supporting multiple users, allowing larger files to be sent, and providing additional file tracking. However, some of the competitors offer
significant capabilities for free.
Governmental Regulation
Export Control Regulations
. All of our products are subject to U.S. export control laws and applicable foreign government
import, export and/or use requirements. The level of control generally depends on the nature of the goods and services in question. For example, the level of control is impacted by the nature of the software and encryption incorporated into our
products. Where controls apply, the export of our products may require an export license or authorization or that the transaction qualify for a license exception or the equivalent, and may
22
also be subject to corresponding reporting requirements. For the export of some of our products, we may be subject to various post-shipment reporting requirements. Minimal U.S. export
restrictions apply to all of our products, whether or not they perform encryption functions. Additionally, because GlobalSCAPE is a Department of Defense contractor, there are certain registration requirements that may be triggered by our sales. In
addition, certain GlobalSCAPE items and/or transactions may be subject to the International Traffic in Arms Regulations (ITAR) if our software or services are specifically designed or modified for defense purposes. Companies engaged in manufacturing
or exporting ITAR-controlled goods and services (even if these companies do not export such items) are required to register with the U.S. State Department.
Enhancements to existing products may, and new products will, be subject to review under the Export Administration Act to determine what export classification they will receive. In light of the ongoing
discussions regarding anti-terrorism legislation in the U.S. Congress, there continues to be discussions regarding the correct level of export control. Export regulations may be modified at any time. Modifications to the export regulations could
reduce or eliminate our ability to export some or all of our products from the U.S. without a license in the future, which could put us at a disadvantage in competing for international sales compared to companies located outside of the U.S. that
would not be subject to these restrictions. Modifications to the export regulations could prevent us from exporting our existing and future products in an unrestricted manner without a license or make it more difficult to receive the desired
classification. If export regulations were to be modified in such a way, we may be put at a competitive disadvantage with respect to selling our products internationally. We are working on enhancing our systems to address the impact of these
regulations on our products and services and understand the need to comply. We will complete technical reviews on any new products that we acquire or develop that may be subject to the requirements before we can export them.
Privacy Laws
. As our business evolves to incorporate more cloud and SaaS solutions, we will receive, transmit, and store
more and more information. As a result, we may be subject to various federal and State regulations regarding the protection of personally identifying information. Applicable laws may include, without limitation, federal laws such as the GLBA and
HIPAA, as well as state and regulations in the U.S., as international laws and regulations including the European Union Data Protection Directive. In the event our systems are compromised by an unauthorized party, many of these privacy laws require
that we provide notices to our customers whose personally identifiable data we reasonably believe may have been compromised. To mitigate the risk of compromised information, we use encryption and other security to protect our databases.
Intellectual Property
We regard some of the features of our internal operations, software, and documentation as proprietary and rely on copyright, patent, and trademark and service mark laws and trade secret protection, such
as confidentiality procedures, contractual arrangements, non-disclosure agreements and other measures to protect our proprietary information. Our intellectual property is an important and valuable asset that enables us to gain recognition for our
products, services, and technology and enhance our competitive position and market value.
As part of our confidentiality
procedures, we generally enter into non-disclosure agreements with our employees and independent contractors, resellers, and corporate partners. We enter into license or subscription services agreements with respect to our software, documentation,
and other proprietary information. Our standard license agreements are transferable only in limited circumstances and have a perpetual term. Our subscription services agreement for our hosted solutions restrict access and have a definite term. We
also educate our employees on trade secret protection and employ measures to protect our facilities, equipment, and networks.
Our trademarks and copyrights are central to our business. We have U.S. federal trademark registrations for GlobalSCAPE, GlobalSCAPE and
design, CuteFTP, CuteFTP Pro, CuteBackup, CuteSendIt and design, DMZ Gateway, Enhanced File Transfer Server and design, Availl, Mail Express, and Mail Express and design, and SnapEdit and pending U. S. federal trademark applications for appshield,
appShield and design, CuteSendit and
23
design, Stop to Ask, Stop Tomorrows Viruses Today, Total Recall, GlobalSCAPE Securely Connected, and other products on our roadmap. We have trademarks registered in Canada and the European
Union for GlobalSCAPE. We have obtained twenty-seven United States copyright registrations for all but the most recent versions of our software applications, and have applied for registration for the most recent versions. Our subsidiary, TappIn,
Inc., has pending U.S. federal trademark registration for TappIn and TappIn and design, and a registration for TappIn in China. We have two patents in the U.S. TappIn, Inc. has one pending patent application in the U.S and one pending application
filed under the Patent Cooperation Treaty (PCT).
Despite our efforts to protect our proprietary rights, unauthorized parties
may attempt to copy aspects of our products or to obtain and use information that we regard as proprietary. Policing unauthorized use of our products, which are licensed by the thousands and sold world-wide, is difficult. While we are unable to
determine the extent to which piracy of our software products exists, software piracy is a persistent problem. In selling our products, we rely primarily on click-wrap licenses which are not signed in writing by licensees and may be unenforceable
under the laws of certain jurisdictions. The laws of some foreign countries do not protect our proprietary rights to as great an extent as do the laws of the United States. Companies in the software industry, and other patent and trademark holders
seeking to profit from royalties in connection with grants of licenses own large numbers of patents, copyrights, trademarks, service marks, and trade secrets and frequently enter into litigation based on allegations of infringement or other
violations of intellectual property rights. We have received, and may receive in the future, communications from third parties asserting that our products infringe, or may infringe, the proprietary rights of third parties, seeking damages resulting
from such infringement or indicating that we may be required to obtain a license or royalty from such third parties. For more discussion on the risks associated with our intellectual property, you should read the information under Risk
Factors, especially Risks Related to Legal Uncertainty.
Employees
As of February 28, 2013, we had 95 full-time employees and 1 part-time employee organized as follows:
|
|
|
|
|
Department
|
|
Number of
Employees
|
|
Management and Administration
|
|
|
13
|
|
Research and Development
|
|
|
14
|
|
Quality Assurance
|
|
|
8
|
|
Marketing
|
|
|
6
|
|
Information Services
|
|
|
8
|
|
Professional Services
|
|
|
5
|
|
Sales
|
|
|
23
|
|
Customer Support
|
|
|
19
|
|
|
|
|
|
|
Total
|
|
|
96
|
|
|
|
|
|
|
None of our employees are covered by collective bargaining agreements. We believe our employee relations
are good.
Available Information
We file annual, quarterly and current reports, proxy statements and other information with the Securities and Exchange Commission. You may read and copy any document we file with the SEC at the SECs
public reference room at 100 F Street, NE, Room 1580, Washington, D.C. 20549. Please call the SEC at 1-800-SEC-0330 for information on the public reference room. The SEC maintains an internet web site that contains annual, quarterly and current
reports, proxy statements and other information that issuers (including GlobalSCAPE) file electronically with the SEC. The SECs web site is www.sec.gov. Our Annual Report on Form 10-K, Quarterly
24
Reports on Form 10-Q, Current Reports on Form 8-K and other reports and amendments filed with the Securities and Exchange Commission are available free of charge on our web site at
www.globalscape.com in the Investor Relations section as soon as practicable after such reports are filed. Information on our website is not incorporated by reference into this Form 10-K and should not be considered part of this report or any
other filing that we make with the SEC.
We have
described below risks we are aware of that could have a material adverse effect on our business, financial results of operations and financial condition and the value of our stock owned by our shareholders.
Risks Related to Our Operations
A
significant portion of our revenue is generated through maintenance and support revenue; decreases in maintenance and support sales or renewal rates, or a decrease in the number of new licenses we sell, will negatively impact our future revenue and
financial results.
Revenue from maintenance and support services, or M&S, we provide our customers comprised 48%,
45% and 42% of our total revenue in 2012, 2011 and 2010 respectively. We earn M&S revenue from new M&S contracts, typically sold with new software licenses, and from renewals of such contracts. Any reduction in the number of new software
licenses that we sell, or a reduction in sales of associated initial M&S contracts, therefore may have a long-term negative impact on our future M&S revenue, even if our customers continue to renew M&S contracts at historical rates. This
situation, in turn, would impact our business and harm our financial results.
Our customers have no obligation to purchase
M&S with their initial software license or renew their M&S contract after the expiration of their initial M&S period, which is typically one year. Our customers purchases of M&S, and our renewal rates, may decline or fluctuate
as a result of a number of factors, including the overall global economy, the health of their businesses, and the perceived value of the M&S program. If our customers do not purchase M&S with their initial software license or renew their
M&S contract for our products, our M&S revenue will decline and our financial results will suffer. In addition, a substantial portion of our quarterly M&S revenue is attributable to M&S agreements entered into during previous
quarters. As a result, if there is a decline in renewed M&S agreements in any one quarter, only a small portion of the decline will be reflected in our M&S revenue recognized in that quarter and the remainder will be reflected in our M&S
revenue recognized in the following four quarters or more and in a decrease in deferred revenue on our balance sheet. For more information, see Item 7, Management; Discussion and Analysis of Financial Condition and Results of
Operations.
If we are unable to develop, offer and deliver new and enhanced products and services that achieve widespread market
acceptance, or if we are unable to continually improve the performance, features, and reliability of our existing products and services, our business and operating results could be adversely affected.
Rapid technological changes, as well as changes in customer requirements and preferences, characterize the software industry. Just as the
transition from mainframes to personal computers transformed the industry thirty years ago, we believe our industry may transform in response to continued adoption of mobile devices and cloud services, growth of big data, and potential emergence of
capabilities resulting from disruptive innovation. In response, we have devoted significant resources to the development of new solutions, such as our cloud-based and secure content mobility services. We are making such investments through our
internal efforts, including further development and enhancement of our existing products, as well as through acquisitions of new product lines. Innovation, new product development or acquisition, and go-to-market activities involve a significant
commitment of time and resources and are subject to a number of risks and challenges including:
|
|
|
Developing, sustaining, and appropriately leveraging market intelligence to identify areas of market need that offer potentially high return on
investment for solution development.
|
25
|
|
|
Managing the length of the development cycle for new products and product enhancements, which may be longer than originally expected.
|
|
|
|
Adapting to emerging and evolving industry standards and to technological developments by our competitors and customers.
|
|
|
|
Extending the operation of our products and services to new platforms and operating systems.
|
|
|
|
Entering into new or unproven markets with which we have limited experience.
|
|
|
|
Managing new product and service strategies, including integrating our various security and file replication technologies, management solutions,
customer service, and support into unified enterprise security and file replication solutions.
|
|
|
|
Incorporating acquired products and technologies.
|
|
|
|
Developing or expanding efficient sales channels.
|
|
|
|
Obtaining sufficient licenses to technology and technical access from operating system software vendors on reasonable terms to enable the development
and deployment of interoperable products, including source code licenses for certain products with deep technical integration into operating systems.
|
Investments in new products may not result in sufficient revenue generation to justify their costs, or may cause short or long-term harm to our financial results. For example, customer adoption of our
cloud and mobile computing services may not occur as rapidly as anticipated, or competitors may introduce new products and services that achieve acceptance among our current customers, adversely affecting our competitive position, or we may not be
successful in future attempts to achieve disruptive innovation.
Further, given the rapid speed of changing customer
expectations and advancement of technology inherent in the software industry, the extensive and complex efforts required to create useful and widely accepted products and the rapid evolution of cloud computing, mobile devices, new computing
platforms and other technologies, our executive management team must act quickly, continuously and with vision. Although we have articulated a strategy that we believe will fulfill these challenges, if we fail to execute properly on that strategy,
adapt that strategy as market conditions evolve, or fail to internalize and execute on that strategy, we may fail to meet our customers expectations, fail to compete with our competitors products and technology and lose the confidence of
our channel partners and employees. This in turn could adversely affect our business and financial performance.
We earn the large
majority of our revenue and operating margins from our Enhanced File Transfer, licensed software solution suite and related maintenance and support services and, as a result, are highly dependent upon the continued success of this product line.
Our Enhanced File Transfer solution, or EFT, is one of our on-premises, managed file transfer solutions targeted
primarily to the enterprise and small and medium business user environments. This product line was responsible for over 75% of our revenue in 2012 and has provided substantially all of our recent revenue growth and most of the operating margin
necessary to fund our operations including, most notably, our sales and marketing and research and development activities. Declines and variability in demand for the EFT solution could occur as a result of:
|
|
|
Improved products or product versions being offered by competitors in our markets.
|
|
|
|
Competitive pricing pressures.
|
|
|
|
Failure to release new or enhanced versions of the EFT solution on a timely basis, or at all.
|
|
|
|
Technological change that we are unable to address with file transfer products or that changes the way enterprises utilize our products.
|
|
|
|
General economic conditions.
|
26
Due to our product concentration, our business, results of operations, financial condition,
and cash flows would therefore be adversely affected by a decline in demand for the EFT solution suite.
We may not achieve our expected
future financial results from our other product lines and services that include Mail Express, Wide Area File Services, CuteFTP, Managed Information Xchange, Hosted Enhanced File Transfer, TappIn and professional services.
Revenue from our products other than the EFT solution accounted for less than 25% of our total revenue in 2012. Our revenue from these
other products, and the related operating margins they contributed, generally declined in 2012 compared to 2011.
Improving,
and possibly even sustaining, our financial results is dependent upon achieving additional success in the marketplace with our products and services that complement and supplement our EFT solution suite. These products and services include CuteFTP,
Mail Express, Wide Area File Services, Managed Information Xchange, Hosted Enhanced File Transfer and TappIn. These solutions involve serving markets that in some ways differ from the markets we encounter when selling EFT software and maintenance.
Gaining additional traction in such markets will require that we market, sell, and support these solutions effectively. Each of these success factors has inherent risks due to, for example, our limited corporate expertise in the adjacent markets and
the possibility that the specific buyers of solutions in these adjacent markets may be different from the buyers with whom we interact throughout our traditional EFT solution sales cycle. Entering, obtaining traction, and sustaining growth in these
markets requires investments in engineering, marketing, sales, customer support, and internal business systems. If we do not effectively penetrate these markets, or if the resources necessary to effectively address these markets exceed our
expectations, our business and financial results could be adversely affected.
Our Managed Information Exchange, Hosted
Enhanced File Transfer and TappIn solutions are cloud-based services. We believe these cloud-based services potentially provide a significant revenue opportunity to supplement our EFT business. Cloud-based services are a relatively new solution area
for us that require technology development, marketing, sales and customer support techniques that can be distinctly different from those items as they relate to our EFT software that is installed on-premises at a customer location. Our experience
suggests that it will continue to take time to obtain market traction with these solutions and to identify the trends necessary to develop projections of future business performance. It is difficult to determine when, or if, our ongoing investment
in these products lines will achieve the desired levels of sales and contribution margins. If our ongoing development, marketing and sales of these products does not evolve as anticipated, our business and financial results could be adversely
affected.
A material portion of our professional services revenue is earned under our contract with McLane Advanced
Technologies, or MAT, in connection with their services to the U.S. Army. While we continue to earn professional services revenue under the MAT contract, the amount of our professional services requested by MAT has declined such that this revenue
decreased in 2012 compared to 2011. Our contract with MAT expires in 2013. MAT is under no obligation to renew or extend this contract. Should this contract not be renewed or extended, our business and financial results in the future could be
adversely affected.
Our acquisition of TappIn, Inc. in 2011 and possible future acquisitions give rise to risks and challenges that
could adversely affect our future financial results.
The TappIn acquisition, and acquisitions generally, involve a
number of risks and challenges, including:
|
|
|
Complexity, time, and costs associated with integration of the acquired business operations, workforce, products, and technologies into our existing
business, sales force, employee base, product lines, marketing and technology. The possibility exists that the integration ultimately may not be successful.
|
|
|
|
Diversion of management time and attention from our existing business and other business opportunities throughout the integration.
|
27
|
|
|
Potential loss or termination of employees, including costs associated with the termination or replacement of those employees.
|
|
|
|
Assumption of debt or other liabilities of the acquired business, including any future litigation related to alleged liabilities of the acquired
business.
|
|
|
|
The incurrence of additional acquisition-related debt as well as increased expenses and working capital requirements.
|
|
|
|
Potential dilution of earnings per share.
|
|
|
|
Increased costs and efforts in connection with compliance with Section 404 of the Sarbanes-Oxley Act.
|
|
|
|
Potentially substantial accounting charges for restructuring and related expenses, write-off of in-process research and development, impairment of
goodwill, amortization of intangible assets, and share-based compensation expense.
|
The ongoing integration
of TappIn, or any other acquired business, involves continually determining and leveraging the actual market synergies, sustaining and even extending the business performance of the acquired entity, implementing our technology systems in the
acquired operations and integrating and managing the personnel of the acquired operations. We also must continue to effectively integrate the different cultures of acquired business organizations into our own culture in a way that aligns various
interests.
Through the TappIn acquisition, we entered a new adjacent market in which we had limited experience at the time of
the acquisition. While our knowledge of this market has expanded since the acquisition, the secure content mobility market is an emerging market, with a wide range of potential solution approaches. More established, cloud-based data repositories and
service providers compete for market share and mindshare with TappIn. Some of these competitors have much stronger market positions than TappIn. The time and expense to market, sell and support the TappIn solution and possible future versions of the
solution, introduce additional risk to current operations.
Any of the foregoing, and other factors, could harm our ability to
achieve anticipated levels of financial performance from TappIn or to realize other anticipated benefits of the acquisition. In addition, because acquisitions of technology companies are inherently risky, no assurance can be given that our previous,
current, or future acquisitions will be successful and will not adversely affect our business, operating results, or financial condition.
We may engage third parties to develop products on our behalf; this may involve reliance on resources owned and managed by those third parties over
which we have no direct control.
In addition to researching and developing new products ourselves, we have in the past
and may in the future decide to evolve and expand our product offerings by engaging third parties to conceive, design and develop products on our behalf. These arrangements involve high levels of risk due to inherent uncertainties about the timely
delivery and ultimate viability of those products due to the reliance we must place on third parties to plan, perform and successfully complete work for us. These are processes for which we could have notably less direct control than if we performed
the work ourselves. These arrangements also involve us relying on the ongoing financial viability of the enterprise performing the work. This is a challenging risk to manage because we do not always have clear visibility as to the condition of the
overall enterprise. These risks could result in the product not being successfully completed within the expected timeframe, or at all, as has been the case to date with our appShield product. If actual results from these type endeavors we may
undertake in the future differ materially from original and ongoing expectations, our business, operating results and financial position could be harmed.
Our addition of subscription services, such as our cloud-based Managed Information Xchange and Hosted Enhanced File Transfer solutions in recent years, may impact our prior revenue trends as some
opportunities that otherwise would have materialized as software license sales potentially shift to subscription-based sales.
Much of our revenue growth in recent years has been attributable to license and maintenance and support sales of our EFT solution. Software license sales typically are intended for implementations on
customer
28
premises and are recognized as revenue when delivery of the software has occurred and collection of fees from the customer is deemed probable. Because revenue from a subscription is recognized
ratably over the life of the subscription, changes in the proportion of sales from software licenses and from subscriptions may result in substantial changes in our revenue trends and other financial metrics.
License fees for software to be installed at a customer site, such as our EFT solution, are typically recognized in full as revenue at
the time the software is delivered to the customer. Subscription services, on the other hand, are recognized as revenue over time as the services are delivered (assuming collection is deemed probable), typically on a monthly basis. Therefore, only a
ratable portion of the total value of a subscription services sale is recognized as revenue each month with the remainder recorded as deferred revenue. The portion of the total value of the subscription recognized as revenue each month decreases as
the contract term increases from 12 to 24, or 36 months.
The impact of subscription services on prior revenue growth trends
depends on several key factors, including the number of customers who may shift from software licenses to subscription services, the rate at which they may do so, the subscription term and fees, and the comparative value of the opportunity had it
materialized as a software license sale instead of as a subscription service. Generally, for a fixed number of opportunities (that is, without considering the possibility that a new service offering may result in additional sales opportunities),
addition of subscription services reduces revenue growth rates for several quarters for the associated solutions until cumulative subscription revenue increases and, potentially, surpasses comparable software license revenue. The revenue impacts are
particularly pronounced early in the introduction of subscription services because there has been only a short time period for accumulation of the recurring revenue stream. As we continue to promote subscription-based services, the risk of this
revenue shift will continue with revenue derived from sales of our EFT solution, the comparable on-premises MFT software in our portfolio, is most subject to ongoing transitory risk from the introduction of these subscription services. However, to
date, we have seen no material impact from this potential revenue shift in light of the continued strength of our EFT sales.
We rely on
third parties to provide us with a number of operational services, including hosting and delivery, certain of our customer services and other operations; any interruption or delay in service from these third parties, breaches of security or privacy,
or failures in data collection could expose us to liability, harm our reputation and adversely impact our financial performance.
We rely on hosted computer services from third parties for certain services that we provide our customers. As we gather customer data and host certain customer data in third-party facilities, a security
breach could compromise the integrity or availability or result in the theft of customer data. In addition, our operations could be negatively affected in the event of a security breach, and we could be subject to the loss or theft of confidential
or proprietary information.
Unauthorized access to this data may be obtained through break-ins, breach of our secure network
by an unauthorized party, employee theft or misuse, or other misconduct. We rely on a number of third party suppliers in the operation of our business for the provisioning of various services and materials that we use in the operation of our
business and production of our products. Although we seek to diversify our third party suppliers, we may from time to time rely on a single or limited number of suppliers, or upon suppliers in a single country, for these services or materials. The
inability of such third parties to satisfy our requirements could disrupt our business operations or make it more difficult for us to implement our business strategy. If any of these situations were to occur, our reputation could be harmed, we could
be subject to third party liability, including under data protection and privacy laws in certain jurisdictions, and our financial performance could be negatively impacted.
29
Fluctuations in professional services revenue may be greater than experienced in previous reporting
periods and have a disproportionate impact on our financial results. For example, increased professional services sales, especially to the government, may result in lower earnings as a percentage of revenue.
Our solution portfolio includes software licenses, subscription services, and professional services. Because they are relatively labor
intensive, professional services typically have substantially lower margins than software license sales, maintenance and support sales and subscription services. However, these services represent a strategic capability that helps customers plan,
implement, and sustain our solutions and also provide us with the demonstrated past performance necessary to participate in certain procurements.
Professional services historically have been less than 10% of our total revenue. However, this percentage can fluctuate significantly from period to period depending on the needs of our customers. For
example, the personnel we assigned to the MAT industry team supporting the U.S. Army s Standard Army Maintenance System Enhanced (SAMS-E) program increased in 2011 compared to 2010 and subsequently decreased in 2012 compared to 2011 as
a result of a change in the scope of services provided to the U.S. Army as determined by MAT. We also may continue to adjust, up or down, our professional services support to the Army, and to other customers within the government and commercial
sectors, in a given reporting period.
Depending on our mix of software licenses, subscription, and professional services
revenue in a given reporting period, our earnings as a percentage of revenue may fluctuate from historical norms. For example, if we were to derive a relatively large (compared to historical norms) component of our revenue from professional services
in a reporting period, earnings as a percentage of revenue may decline in that period due to lower margin contribution from the labor-intensive services as compared to software license and subscription service revenue.
An inability to establish vendor specific objective evidence of the selling price of one or more components of a software sale with multiple
components could result in our having to change from recognizing software license revenue in full at the time the software is delivered to recognizing that same software license revenue ratably in the future over an extended number of accounting
periods.
For software sales with multiple components (typically a sale involving both a license to software that will
be delivered immediately and maintenance and support services that will be delivered over an extended period of time), generally accepted accounting principles require that vendor specific objective evidence of selling price (VSOE) be
established for at least one of the components of that sale before the software license revenue can be recognized in full at the time of delivery to the customer of the licensed software. If VSOE cannot be established, recognition of the software
license revenue must deferred and recognized ratably in the future over an extended number of accounting periods, the length of which would typically be the time period covered by the related maintenance and support contract. We currently have
established VSOE in a manner that supports us recognizing software license revenue in full at the time we deliver the software to our customers for substantially all of our products.
Situations can arise where a change in product pricing that improves our cash flow and financial position has an unintended consequence
of us not being able to establish VSOE where it existed before. If that set of circumstances were to occur, we could be required by generally accepted accounting principles to defer recognition of software license revenue to future periods. That
requirement could cause us to experience an immediate decline in software license revenue recognized in our financial statements in the period in which the licensed software was delivered to our customer even though the timing and amount of cash
flow from the transaction would be the same as when we had established VSOE. If this collection of events were to occur, it could have a material, adverse effect on our revenue, results of operations and financial condition we present in our
financial statements.
30
Our indebtedness may adversely affect our cash flow and business operations.
At December 31, 2012, we had notes payable of $5.7 million under our loan agreements with a bank. Our indebtedness could have
important consequences to us, including:
|
|
|
Our ability to obtain additional financing, if necessary, for working capital, capital expenditures, acquisitions or other purposes which may be
impaired or not available on favorable terms.
|
|
|
|
Covenants contained in our loan agreements require us to meet financial tests that may affect our flexibility in planning for and reacting to changes
in our business, including future business opportunities.
|
|
|
|
We may need a substantial portion of our cash flow from operations to make principal and interest payments on our indebtedness, reducing the funds that
would otherwise be available for operations and future business opportunities.
|
|
|
|
Our level of indebtedness can make us more vulnerable to competitive pressures if there is a downturn in our business or the economy in general, than
our competitors with less debt.
|
Our ability to service our indebtedness will depend upon, among other
things, our future financial and operating performance, which will be affected by prevailing economic conditions and financial, business, regulatory and other factors, some of which are beyond our control. If our operating results are not sufficient
to service our current or future indebtedness, we will be forced to take actions such as reducing or delaying capital expenditures, acquisitions and/or, selling assets, restructuring or refinancing our indebtedness or seeking additional debt or
equity capital or bankruptcy protection. We may not be able to affect any of these remedies on satisfactory terms or at all.
A breach of the terms and conditions of our loan agreements, including the inability to comply with the required financial covenants,
could result in an event of default. If an event of default occurs (after any applicable notice and cure periods), the lender would be entitled to accelerate the repayment of amounts outstanding (including accrued and unpaid interest and fees). Upon
a default under the loan agreements, the lender could also foreclose against any collateral securing such obligations, which may be all or substantially all of our assets. If that occurred, we may not be able to continue to operate as a going
concern.
We may not be able to compete effectively with larger, better-positioned companies, resulting in lower margins and loss of
market share.
We operate in intensely competitive markets that experience rapid technological developments, market
consolidation, changes in industry standards, changes in customer requirements, and frequent new product introductions and product improvements by existing and new competitors. If we are unable to anticipate or react to these competitive challenges
or if existing or new competitors take or gain additional market share in any of our markets, our competitive position could weaken, and we could experience a decrease in revenues that could adversely affect our business and operating results. To
compete successfully, we must maintain a successful research and development effort to develop new products and services and enhance existing products and services, effectively adapt to changes in the technology or product rights held by our
competitors, appropriately respond to competitor strategies as such strategies become apparent, and effectively adapt to technological changes and changes in the ways that our information is accessed, used, and stored within our enterprise and
consumer markets. If we are unsuccessful in responding to our competitors or to changing technological and customer demands, we could experience a negative effect on our competitive position and our financial results.
We compete with a variety of companies who have significantly greater revenues and financial resources, partners, resellers and
distribution channels than GlobalSCAPE as well as greater personnel and technical resources. For example, the EFT solution suite competes with products from Sterling Commerce, Axway and several other vendors, and WAFS competes with Riverbed
Technology and Cisco. TappIn competes with a variety of cloud file storage and collaboration companies such as Dropbox. Large companies may be able to
31
develop new technologies, across multiple solution spaces, and on more operating systems, more quickly than we can, to offer a broader array of products, and to respond more quickly to new
opportunities, industry standards or customer requirements. For example, Sterling Commerce receives substantial maintenance contract revenue annually, providing them with significant resources for product research, development and marketing.
Additional competitors may enter the market and also may have significantly greater capabilities and resources than we do.
Some existing competitors also may be able to adopt more aggressive pricing strategies. For example, Ipswitch provides an older version of its consumer file transfer protocol program for free for non-commercial use, and Microsoft includes file
transfer protocol functionality in its Internet browser, which it also distributes for free. Increased competition may result in lower operating margins and loss of market share.
We may incur losses as we attempt to expand our business.
We intend
to expand our business and therefore expect to expend additional resources on continuing research and development, developing our sales force and a more robust reseller program, marketing, gaining traction in newly entered markets such as secure
content mobility and cloud services, and potentially entering other new or adjacent markets.
If we do not successfully
develop and introduce the new solutions to the market, are unable to improve our direct and channel sales results, or are unable to enter expected new markets, we may not be able to achieve the revenue growth associated with the business expansion
expenditures and may not be profitable.
Our products are complex and operate in a wide variety of computer configurations, which could
result in errors or product failures.
Addressing MFT, WAFS, CDP, Managed E-mail Attachment, cloud services, secure
content mobility, and endpoint security market needs typically requires very complex products. Therefore, undetected errors, failures, or bugs may occur, especially when products are first introduced or when new versions are released. Our products
are often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures in our products or may expose undetected
errors, failures, or bugs in our products. Our customers computing environments also are often characterized by a wide variety of standard and non-standard configurations that make pre-release testing for programming or compatibility errors
very difficult and time-consuming. In addition, despite testing by us and others, errors, failures, or bugs may not be found in new products or releases until after commencement of commercial shipments. In the past, we have discovered software
errors, failures, and bugs in certain of our product offerings after their introduction and have experienced delayed or lost revenues during the time required to correct these errors.
Errors, failures, or bugs in products released by us could result in negative publicity, product returns, loss of or delay in market
acceptance of our products, loss of competitive position, or claims by customers or others. Many of our end-user customers use our products in applications that are critical to their businesses and may have a greater sensitivity to defects in our
products than to defects in other, less critical, software products. In addition, if an actual or perceived breach of information integrity or availability occurs in one of our end-user customers systems, regardless of whether the breach is
attributable to our products, the market perception of the effectiveness of our products could be harmed. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions,
delays, or cessation of our product licensing, which could cause us to lose existing or potential customers and could adversely affect our operating results. For example, it took longer than originally expected to make the necessary improvements to
our WAFS solution and therefore WAFS revenues to date have been lower than originally anticipated.
32
Turmoil and uncertainty in U.S. and international economic markets could adversely affect our business
and operating results.
Demand for our products depends in large part upon the level of capital and maintenance
expenditures by many of our customers. Lingering effects of the economic downturn in recent years have adversely impacted spending on information technology projects as prospects and customers reduce, sometimes greatly, their discretionary spending
to focus on preserving mandatory spending budgets.
These adverse impacts to customer spending may be directly, and adversely,
reflected in our future business and operating results because we believe a substantial part of the MFT spending budget is considered discretionary by our prospects and customers. The perception of MFT solutions spending as discretionary is further
reinforced by the existence of low cost, or even free, products that deliver some subset of the capabilities found in our solutions. Given the economic downturn, some customers may have decided to defer spending for our solutions or may have elected
to obtain low cost or free good enough products as an interim measure. The potential adverse impacts of such decisions may persist for an extended period of time, even well into a period of economic recovery, given that many prospects
will not change their IT infrastructure for a considerable period of time after that infrastructure has been installed and is operating adequately.
Adverse financial results from another economic downturn and uncertainty could include flat, or even decreasing, sales, lower gross and net margins, and impairment of current or future goodwill and
long-lived assets. In addition, some of our customers could delay paying their obligations to us. Potentially reduced sales and margins and customer payment problems could limit our ability to fund research and development, marketing, sales, and
other activities necessary to sustain and expand our market position.
As was the case with many other companies, at the onset
of the recent economic downturn, our stock price decreased. If investors have concerns that our business, financial condition and results of operations will be negatively impacted by another economic downturn, our stock price could decrease again.
Regardless of economic conditions, fluctuations in demand for our products and services are driven by many factors and a decrease in
demand for our products could adversely affect our financial results.
We are subject to fluctuations in demand for our
products and services due to a variety of factors, including competition, product obsolescence, technological change, budget constraints of our actual and potential customers, level of broadband usage, awareness of security threats to IT systems,
and other factors. While such factors may, in some periods, increase product sales, fluctuations in demand can also negatively impact our product sales. If demand for our products declines, our revenues, as well as our gross and net margins, could
be adversely affected. CuteFTP, in particular, competes in some ways with social media services for image and video sharing. As social media has increased exponentially in popularity, sales of our CuteFTP product line have declined.
Sales to the U.S. Government make up a portion of our business and changes in government defense spending could have consequences on our financial
position, results of operations and business.
From time-to-time in the past, sales to the U.S. Government have
accounted for 10% or more of our total sales. Our revenues from the U.S. Government largely result from contracts awarded to us under various U.S. Government programs, primarily defense-related programs with the Department of Defense
(DoD). The funding of our programs is subject to the overall U.S. Government budget and appropriation decisions and processes which are driven by numerous factors, including geo-political events and macroeconomic conditions, and are
beyond our control. The overall level of U.S. defense spending has increased in recent years for numerous reasons, including increases in funding of operations in Iraq and Afghanistan and the DoDs modernization initiatives. Looking forward, we
expect overall defense spending to remain relatively flat in the near term, given the completed military withdrawal from Iraq and the expected drawdown of military operations in Afghanistan. However, projected defense spending budgets are uncertain
and become increasingly difficult to
33
predict for periods beyond the near-term due to numerous factors, including the external threat environment, funding for ongoing operations in Afghanistan, future priorities of the Administration
and the overall health of the U.S. and world economies and the state of governmental finances.
Significant changes in defense
spending could have long-term consequences for our size and structure. Changes in government priorities and requirements could impact the funding, or the timing of funding, of our programs which could negatively impact our results of operations and
financial condition. Larger government contracts, such as the Army contracts in which we participate with certain of our customers, typically have long sales cycles. Therefore, closure of such contracts is difficult to predict, increasing
uncertainty in our projections.
U.S. Government contracts generally also permit the government to terminate the contract, in
whole or in part, without prior notice, at the governments convenience or for default based on performance. If one of our contracts is terminated for convenience, we would generally be entitled to payments for our allowable costs and would
receive some allowance for profit on the work performed. If one of our contracts is terminated for default, we would generally be entitled to payments for our work that has been accepted by the government. A termination arising out of our default
could expose us to liability and have a negative impact on our ability to obtain future contracts and orders. Furthermore, on contracts for which we are a subcontractor and not the prime contractor, the U.S. Government could terminate the prime
contract for convenience or otherwise, irrespective of our performance as a subcontractor.
Because we are a DoD contractor,
certain GlobalSCAPE items and/or transactions may be subject to the International Traffic in Arms Regulations (ITAR) if our software or services are specifically designed or modified for defense purposes. Companies engaged in
manufacturing or exporting ITAR-controlled goods and services (even if these companies do not export such items) are required to register with the U.S. State Department. Failure to comply with these requirements could result in fines and sanctions
which could negatively impact our results of operations and financial condition.
If we fail to manage our sales and distribution
channels effectively or if our partners choose not to market and sell our products to their customers, our operating results could be adversely affected.
We sell our products to customers primarily through our direct sales force and through resellers. Sales through these different channels involve distinct risks, including the following:
Direct Sales.
Most of our revenue is derived from sales by our direct sales force to end-users. Special risks associated with
this sales channel include:
|
|
|
Longer sales cycles associated with direct sales efforts;
|
|
|
|
Difficulty in hiring, retaining, and motivating our direct sales force;
|
|
|
|
Substantial amounts of training for sales representatives to become productive, including regular updates to cover new and revised products; and
|
|
|
|
Reliance on leads obtained from paid advertising (for example, Google ads) could materially impact direct sales should advertising effectiveness
decline due to non-attributable declines in leads, unforeseen search engine algorithm changes, or other occurrences that may adversely impact the lead generation aspects of the direct sales cycle. In addition, increased competition may materially
impact the costs associated with such advertising.
|
Indirect Sales Channels.
A significant
portion of our revenue is derived from sales through indirect channels, including distributors and partners that sell our products to end-users and other resellers. This channel involves a number of risks, including:
|
|
|
Our lack of control over the timing of delivery of our products to end-users;
|
34
|
|
|
Our resellers and distributors currently are not subject to minimum sales requirements or any obligation to market our products to their customers;
|
|
|
|
Our reseller and distributor agreements are generally nonexclusive and may be terminated at any time without cause; and
|
|
|
|
Our resellers and distributors frequently market and distribute competing products and may, from time to time, place greater emphasis on the sale of
these products due to pricing, promotions, and other terms offered by our competitors.
|
We cannot be certain that our
distribution channel partners will continue to market or sell our products effectively. If we are not successful, we may lose sales opportunities, customers and revenues.
If we lose key personnel we may not be able to execute our business plan.
Our future success depends on the continued services of key members of our management team. These individuals are difficult to replace because of the intense competition for similarly skilled people. New
members of the management team may not be productive for weeks or months as they learn about our solutions, our personnel and the administrative practices within GlobalSCAPE.
Failure to maintain proper and effective internal controls could affect our ability to produce accurate financial statements which could result in the restatement of our financial statements or
adversely affect our operating results, our ability to operate our business, and our stock price.
Effective internal
controls are necessary for us to provide reliable financial reports and effectively prevent fraud. We maintain a system of internal control over financial reporting, which is defined as a process designed by, or under the supervision of, our
principal executive officer and principal financial officer, or persons performing similar functions, and effected by our board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial
reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles.
If we are unable to establish and maintain appropriate internal financial reporting controls and procedures, it could cause us to fail to meet our reporting obligations, result in the restatement of our
financial statements, harm our operating results, subject us to regulatory scrutiny and sanction, cause investors to lose confidence in our reported financial information, and have a negative effect on the market price for shares of our common
stock.
Our ability to develop our software will be seriously impaired if we are not able to use our foreign subcontractors.
We rely on foreign subcontractors to help us develop some aspects of some of our software. If these programmers
decided to stop working for us, or if we were unable to continue using them because of political or economic instability, we would have difficulty finding comparably skilled developers in a timely manner. In addition, we would likely have to pay
considerably more for the same work, especially if we used U.S. personnel. If we could not replace the contract programmers, it would take us significantly longer to develop certain products and product upgrades.
It may be difficult for us to recruit and retain software developers and other technical and management personnel because we are a relatively small
company.
We compete intensely with other software development and distribution companies internationally and
information technology departments supporting larger businesses to recruit and hire from a limited pool of qualified personnel. Some qualified candidates prefer to work for larger, better known companies or in another geographic area. In order to
attract and retain personnel in a competitive marketplace, we believe that we must provide a competitive compensation package, including cash and equity-based compensation. The volatility in
35
our stock price may from time to time adversely affect our ability to recruit or retain employees. In addition, we may be unable to obtain required stockholder approvals of future increases in
the number of shares available for issuance under our equity compensation plans. Also, accounting rules require us to treat the issuance of employee stock options and other forms of equity-based compensation as compensation expense. As a
result, we may decide to issue fewer equity-based incentives and may be impaired in our efforts to attract and retain necessary personnel. If we are unable to hire and retain qualified employees, or conversely, if we fail to manage employee
performance or reduce staffing levels when required by market conditions, our business and operating results could be adversely affected.
Key personnel have left our Company in the past. There likely will be additional departures of key personnel from time to time in the future. The loss of any key employee could result in significant
disruptions to our operations, including adversely affecting the timeliness of product releases, the successful implementation and completion of company initiatives, the effectiveness of our disclosure controls and procedures and our internal
control over financial reporting, and the results of our operations. Hiring, training, and successfully integrating replacement sales, engineering, and other personnel could be time consuming, may cause additional disruptions to our operations, and
may be unsuccessful, which could negatively impact future revenues.
Our operations potentially are vulnerable to security breaches that
could harm the quality of our products and services or disrupt our ability to deliver our products and services.
Information security is a dynamic discipline that historically has faced a threat that develops and emerges in sometimes-unpredictable
ways. Third parties may breach our system and information security and damage our products and services or misappropriate confidential customer information. This might cause us to lose customers, or even cause customers to make claims against us for
damages. We may be required to expend significant resources to protect against potential or actual security breaches and/or to address problems caused by such breaches.
Improper disclosure of personal data could result in liability and harm our reputation.
While we have derived the majority of our historical revenues from on-premise delivery of our products, we now also offer our products on third party hosted platforms. As we continue to execute our
strategy of increasing the number and scale of our cloud-based offerings, we store and process increasingly large amounts of personally identifiable information of our customers. At the same time, the continued occurrence of high-profile data
breaches provides evidence of an external environment increasingly hostile to information security. This environment demands that we continuously improve our design and coordination of security controls. It is possible our security controls over
personal data, our training of employees and vendors on data security, and other practices we follow may not prevent the improper disclosure of personally identifiable information. Improper disclosure of this information could harm our reputation,
lead to legal exposure to customers, or subject us to liability under laws that protect personal data, resulting in increased costs or loss of revenue. We believe consumers using our subscription services increasingly will want efficient,
centralized methods of choosing their privacy preferences and controlling their data. Perceptions that our products or services do not adequately protect the privacy of personal information could inhibit sales of our products or services, and could
constrain consumer and business adoption of cloud-based solutions.
Breaches of our cybersecurity systems could degrade our ability to
conduct our business operations and deliver products and services to our customers, delay our ability to recognize revenue, compromise the integrity of our software products, result in significant data losses and the theft of our intellectual
property, damage our reputation, expose us to liability to third parties and require us to incur significant additional costs to maintain the security of our networks and data.
We increasingly depend upon our IT systems to conduct virtually all of our business operations, ranging from our internal operations and
product development activities to our marketing and sales efforts and communications with our customers and business partners. Cyber threats may attempt to penetrate our network
36
security, or that of our website, and misappropriate our proprietary information or cause interruptions of our service. Because the techniques used by such attackers to access or sabotage
networks change frequently and may not be recognized until launched against a target, we may be unable to anticipate these techniques. In addition, sophisticated hardware and operating system software and applications that we produce or procure from
third parties may contain defects in design or manufacture, including bugs and other problems that could unexpectedly interfere with the operation of the system. We have also outsourced a number of our business functions to third party
contractors. Therefore, our business operations also depend, in part, on the success of our contractors own cybersecurity measures. Similarly, we rely upon distributors, resellers, system vendors and systems integrators to sell our products
and our sales operations depend, in part, on the reliability of their cybersecurity measures. Additionally, we depend upon our employees to appropriately handle confidential data and deploy our IT resources in safe and secure fashion that does not
expose our network systems to security breaches and the loss of data. Accordingly, if our cybersecurity systems and those of our contractors fail to protect against unauthorized access, sophisticated cyberattacks and the mishandling of data by our
employees and contractors, our ability to conduct our business effectively could be damaged in a number of ways, including:
|
|
|
Sensitive data regarding our business, including intellectual property and other proprietary data, could be stolen;
|
|
|
|
Our electronic communications systems, including email and other methods, could be disrupted, and our ability to conduct our business operations could
be seriously damaged until such systems can be restored;
|
|
|
|
Our ability to process customer orders and electronically deliver products and services could be degraded, and our distribution channels could be
disrupted, resulting in delays in revenue recognition;
|
|
|
|
Defects and security vulnerabilities could be introduced into our software products, thereby damaging the reputation and perceived reliability and
security of our products and potentially making the data systems of our customers vulnerable to further data loss and cyber incidents; and
|
|
|
|
Personally identifiable data of our customers, employees and business partners could be lost.
|
Should any of the above events occur, we could be subject to significant claims for liability from our customers, regulatory actions from
governmental agencies, our ability to protect our intellectual property rights could be compromised and our reputation and competitive position could be significantly harmed. Also, the regulatory and contractual actions, litigations, investigations,
fines, penalties and liabilities relating to data breaches that result in losses of personally identifiable or credit card information of users of our services can be significant in terms of fines and reputational impact and necessitate changes to
our business operations that may be disruptive to us. Additionally, we could incur significant costs in order to upgrade our cybersecurity systems and remediate damages. Consequently, our financial performance and results of operations could be
adversely affected.
Certain components of the software code comprising some of our products are licensed from third parties making us
dependent upon those licenses remaining in place for those products to operate in their current form.
Certain key
components of the software code comprising certain of our products are licensed from unrelated, third parties. These licenses are not perpetual such that, with advance notice as provided in the license agreements, those third parties could terminate
those licenses. Even with advance notice, termination of those licenses could create a severe hardship for us due to the need to locate substitute software code from other third parties or create alternative software code ourselves in order for our
products to continue to operate in the manner designed or for us to keep pace with customer requirements, including our obligations under maintenance and support agreements. There is no assurance we could achieve either of those alternative
solutions in a timely and effective manner that would not disrupt our ability to continue selling and supporting those products, or without the consumption of significant company resources in the form of time spent by our personnel creating
alternative solutions or cash paid to third parties to assist us. Such a situation could delay the completion and introduction to
37
the marketplace of other products we are developing to remain competitive due to the diversion of the attention of certain of our key personnel away from that work. If any of these events occur,
our future business and financial results could be adversely affected.
We utilize open source software in some of our
products.
The open source software community develops software technology for free use by anyone. We incorporate a
limited amount of open source code software into our products. For example, we have relied on open source technology for the encryption features in our CuteFTP Pro, EFT, and Mail Express solutions. We may use more open source code software in the
future.
Our use, in some instances, of open source code software may impose limitations on our ability to commercialize our
solutions and may subject us to possible intellectual property litigation. Open source code may impose limitations on our ability to commercialize our products because, among other reasons, open source license terms may be ambiguous and may result
in unanticipated obligations regarding our solution, and open source software cannot be protected under trade secret law. In addition, it may be difficult for us to accurately determine the developers of the open source code and whether the acquired
software infringes third-party intellectual property rights. As a result, we could be subject to suits by parties claiming ownership of what we believe to be open source software. From time to time, companies that incorporate open source software
into their products have been subject to such claims.
Claims of infringement or misappropriation against us could be costly
for us to defend and could require us to re-engineer our solution or to seek to obtain licenses from third parties in order to continue offering our solution. We also might need to discontinue the sale of our solution in the event re-engineering
could not be accomplished on a timely or cost-effective basis. If any such claim, attempted remediation, or solution discontinuance occur, our business and operating results could be harmed.
Our products may expose customers to invasion of privacy, causing customer dissatisfaction.
Our EFT suite, Mail Express, and TappIn solutions are intended to facilitate information sharing, sometimes by providing outsiders access to a customers computer. Such access potentially may make
the customer vulnerable to security breaches, which could result in the loss of their privacy or property. Invasions of privacy or other customer harm occurring in an environment where our solutions are operating could result in customer
dissatisfaction and possible claims against us for any resulting damages.
Increased customer demands on our technical support services
may adversely affect our relationships with our customers and our financial results.
We offer technical support
services with many of our products. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. We also may be unable to modify the format of our support services to compete with changes in
support services provided by competitors or successfully integrate support for our customers. Further customer demand for these services could increase our costs and, without corresponding increasing revenues, adversely affect our operating results.
We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in
international markets.
All products that are exported, re-exported or that are worked on by foreign nationals are
subject to export controls. Such controls include prohibitions on end uses, end users and country prohibitions. In addition, incorporation of encryption technology into our products can increase the level of U.S. export controls. The encryptions
export controls were modified in 2010. We are subject to these requirements as certain of our products include the ability for the end user to encrypt data. Therefore, our products may be exported outside the
38
United States or revealed to foreign nations only with the required level of export controls/restrictions. Restrictions applicable to our products may include: the requirement to have a license
to export the technology; the requirement to have software licenses approved before export is allowed; and outright bans on the licensing of certain encryption technology to particular end users or to all end users in a particular country. In
addition, various countries regulate the import of certain technology and have enacted laws that could limit our ability to distribute our products or could limit our customers ability to implement our products in those countries.
There can be no assurance that we will be successful in obtaining or maintaining the licenses and other authorizations required to export
our products from applicable government authorities. Any change in export or import regulations or related legislation, shift in approach to the enforcement or scope of existing regulations, or change in the list of countries to which we cannot
export, changes in persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations.
Changes in our products or changes in export and import regulations may create delays in the introduction of our products in international markets, prevent our customers with international operations from deploying our products throughout their
global systems or, in some cases, prevent the export or import of our products to certain countries altogether. Any change in export or import regulations or related legislation, shift in approach to the enforcement or scope of existing regulations,
or change in the countries, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international
operations.
Export laws and regulations can be extremely complex in their application. If we are found not to have complied
with applicable export control laws, we may be sanctioned, fined or penalized by, among other things, having our ability to obtain export licenses curtailed or eliminated, possibly for an extended period of time. Our failure to receive or maintain
any required export licenses or authorizations or our penalization for failure to comply with applicable export control laws would hinder our ability to sell our products, could result in financial penalties, and could materially adversely affect
our business, financial condition, and results of operations. Any failure on our part or the part of our distributors to comply with encryption or other applicable export control requirements could harm our business and operating results.
Import and export regulations of encryption/decryption technology vary from country to country. We may be subject to
different statutory or regulatory controls in different foreign jurisdictions, and as such, our technology may not be permitted in these foreign jurisdictions. Violations of foreign regulations or regulation of international transactions could
prevent us from being able to sell our products in international markets. Our success depends in large part to having access to international markets. A violation of foreign regulations could limit our access to such markets and have a negative
effect on our results of operations.
As our international sales grow, we could become increasingly subject to additional risks that
could harm our business.
We conduct significant sales and customer support, in countries outside of the United States.
During the year ended December 31, 2012, approximately 26% of our sales were to purchasers outside the United States. Our continued growth and profitability could require us to further expand our international operations. To successfully expand
international sales, we must establish additional foreign operations, hire additional personnel and recruit additional international resellers. We may also incur additional expense translating our applications into additional languages. In addition,
there is significant competition for entry into high growth markets, such as China. Our international operations are subject to a variety of risks, which could cause fluctuations in the results of our international operations. These risks include:
|
|
|
Compliance with foreign regulatory and market requirements.
|
|
|
|
Variability of foreign economic, political and labor conditions.
|
39
|
|
|
Changing restrictions imposed by regulatory requirements, tariffs or other trade barriers or by U.S. export laws.
|
|
|
|
Longer accounts receivable payment cycles.
|
|
|
|
Potentially adverse tax consequences.
|
|
|
|
Difficulties in protecting intellectual property.
|
|
|
|
Burdens of complying with a wide variety of foreign laws.
|
|
|
|
Difficulty transferring funds to the U.S. in a tax efficient manner from non-U.S jurisdictions in which the cash flow originates.
|
The amount of income taxes we compute as payable on our income tax returns filed with the Internal Revenue Service
and certain states could be challenged by those taxing authorities resulting in us paying more taxes than anticipated.
We file income tax returns with the Internal Revenue Service and taxing authorities in certain states. We prepare and file those returns
based on our interpretations of the relevant tax code as to revenue to be reported and deductions and credits allowed. We use third-party experts to assist us in preparing our tax returns and computing our tax liabilities to help us ensure we pay
the proper amount of tax due. Our tax returns are subject to examination by taxing authorities who could interpret the tax code in a different manner from us and conclude we are obligated to pay more taxes than we originally computed and paid. While
we would defend the position taken on our tax returns as filed, a challenge from a taxing authority can be costly to defend with no assurance of a favorable outcome for us. In the event of an unfavorable result under these circumstances, our
business, operating results and financial position could be harmed.
The amount of sales tax we collect on sales could be challenged by
taxing authorities both in jurisdictions in which we have a corporate presence as well as by taxing authorities in areas where we have no corporate presence.
We collect and remit sales tax on sales in jurisdictions where we have a corporate or physical presence that results in an obligation to do so. We sell our products to customers in numerous locations
where we do not have a corporate or physical presence and, therefore, do not collect sales tax on those sales. States in which we collect sales tax could audit our activities and assess us with additional tax based on them interpreting the sales tax
code differently than we interpret it. Various states in which we do not collect sales tax are aggressive in interpreting their sales tax codes in determining if a company with no apparent presence in those states is obligated to collect and remit
sales taxes, particularly on sales made across the internet. States where we do not collect sales tax could make an assertion that we should have been collecting sales tax and could assess us with that tax. While we would defend the position taken
as to our obligation to collect sales tax and the amount of sales tax collected, a challenge from a taxing authority can be costly to defend with no assurance of a favorable outcome for us. In the event of an unfavorable result under these
circumstances, our business, operating results and financial position could be harmed.
Risks Related to Stock Ownership
Our stock price is/may be volatile.
The trading price of our common stock has been and could continue to be subject to wide fluctuations in response to certain factors, including:
|
|
|
U.S. and global economic conditions leading to general declines in market capitalizations, with such declines not associated with operating
performance.
|
|
|
|
Quarter-to-quarter variations in results of operations.
|
40
|
|
|
Our announcements of new products.
|
|
|
|
Our announcements of acquisitions.
|
|
|
|
Our announcements of significant new customers or contracts.
|
|
|
|
Our competitors announcements of new products.
|
|
|
|
Our product development or release schedule.
|
|
|
|
Changes in our management team.
|
|
|
|
General conditions in the software industry.
|
|
|
|
Investor perceptions and expectations regarding our products, plans and strategic position and those of our competitors and customers.
|
In addition, the public stock markets experience extreme price and trading volume volatility, particularly
in high-technology sectors of the market. This volatility has significantly affected the market prices of securities of many technology companies for reasons often unrelated to the operating performance of the specific companies. The broad market
fluctuations may adversely affect the market price of our common stock.
Accounting charges may cause fluctuations in our annual or
quarterly financial results.
Our financial results may be affected by non-cash and other accounting charges, including:
|
|
|
Amortization of intangible assets, including acquired technology and product rights.
|
|
|
|
Impairment of goodwill and intangibles.
|
|
|
|
Share-based compensation expense.
|
|
|
|
Impairment of long-lived assets.
|
Anti-takeover provisions in our charter and Delaware law could inhibit others from acquiring us.
Some of the provisions of our certificate of incorporation and bylaws and in Delaware law could, together or separately:
|
|
|
Discourage potential acquisition proposals.
|
|
|
|
Delay or prevent a change in control.
|
|
|
|
Limit the price that investors may be willing to pay in the future for shares of our common stock.
|
In particular, our certificate of incorporation and bylaws prohibit stockholders from voting by written consent or calling meetings of
the stockholders. We are also subject to Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any interested stockholder, as
defined in the statute, for a period of three years following the date on which the stockholder became an interested stockholder.
Our
directors and executive officers continue to have substantial control over us.
Our directors and executive officers,
together with their affiliates and related persons, beneficially owned, in the aggregate, approximately 42% of our outstanding common stock as of December 31, 2012. These stockholders would have the ability to control GlobalSCAPE and
direct its policies including the outcome of
41
matters submitted to our stockholders for approval, such as the election of directors and any acquisition or merger, consolidation or sale of all or substantially all of our assets. In
addition, our certificate of incorporation and bylaws provide for our Board of Directors to be divided into three classes of directors serving staggered three-year terms. As a result, approximately one-third of our Board of Directors will be
elected each year.
Stockholders ownership of our stock may be significantly diluted, affecting the value of the stock.
There were options for 3,650,095 shares outstanding under our employee and director stock option plans as of
March 1, 2013, of which 2,649,455 were vested. We have filed a registration statement under the Securities Act, covering stock issued upon the exercise of options by non-affiliates, and we may file a registration statement covering options held
by affiliates as well. If we do not file a registration statement covering affiliates, affiliates who exercise their options may choose to sell the stock under an exemption from registration, such as Rule 144 under the Securities Act. The
exercise of these options and sale of the resulting stock could depress the value of our stock.
Risks Related to Intellectual Property
We are vulnerable to claims that our products infringe third-party intellectual property rights particularly because our products
are partially developed by independent parties.
From time to time we experience claims that our products infringe
third-party intellectual property rights. We may be exposed to future litigation based on claims that our products infringe the intellectual property rights of others. This risk is exacerbated by the fact that some of the code in our products is
developed by independent parties or licensed from third parties over whom we have less control than we exercise over internal developers. In addition, we expect that infringement claims against software developers will become more prevalent as the
number of products and developers grows and the functionality of software programs in the market increasingly overlaps. Companies in the technology industry, and other patent and trademark holders seeking to profit from royalties in connection with
grants of licenses, own large numbers of patents, copyrights, trademarks, service marks, and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, we
may be the target of aggressive and opportunistic enforcement of patents by third parties, including non-practicing entities.
Responding to and defending against such claims may cause us to incur significant expense and divert the time and efforts of our
management and employees. Successful assertion of such claims could require that we pay substantial damages or ongoing royalty payments, prevent us from selling our products and services, damage our reputation, or require that we comply with other
unfavorable terms, any of which could materially harm our business. In addition, we may decide to pay substantial settlement costs in connection with any claim or litigation, whether or not successfully asserted.
While it is not possible to predict the outcome of patent litigation incident to our business, defense costs may be significant, and we
believe the costs associated with this litigation or other claims of infringement could generally have a material adverse impact on our results of operations, financial position or cash flows. Regardless of the merit of such claims, responding to
infringement claims can be expensive and time-consuming.
For any intellectual property rights claim against us or our
customers, we may have to pay damages and indemnify our customers against damages.
Claims of infringement could require us to
re-engineer our products or seek to obtain licenses from third parties in order to continue offering its products. In addition, an adverse legal decision affecting our intellectual property, or the use of significant resources to defend against this
type of claim could place a significant strain on our financial resources and harm our reputation.
42
We are currently a defendant in a patent infringement suit filed by Achates Reference
Publishing, Inc. in the United States District Court for the Eastern District of Texas Marshall Division. The complaint alleges that we infringed on a patent that addresses product activation functionality. We are currently one of a number of
defendants in a patent infringement suit filed by Uniloc Luxembourg S.A. in the United States District Court for the Eastern District of Texas Marshall Division. The complaint alleges that we infringed on a patent that addresses software piracy
prevention functionality. We believe we have meritorious defenses to the plaintiffs claims in both of these cases and intend to defend these lawsuits vigorously. While we believe any loss we may incur related to these matters would be
immaterial to the Companys financial position and results of operations, nonetheless, these actions subject us to the risks associated with intellectual property infringement claims by third parties as described above.
We may not be able to protect our intellectual property rights.
Our software code, and trade and service marks are some of our most valuable assets. Given the global nature of the internet and our business, we are vulnerable to the misappropriation of this
intellectual property, particularly in foreign markets, such as China and Eastern Europe, where laws or law enforcement practices are less developed. The global nature of the internet makes it difficult to control the ultimate destination or
security of our software making it more likely that unauthorized third parties will copy certain portions of our proprietary information or reverse engineer the proprietary information used in its programs. If our proprietary rights were infringed
by a third-party and we did not have adequate legal recourse, our ability to earn profits, which are highly dependent on those rights, would be severely diminished.
Other companies may own, obtain or claim trademarks that could prevent, limit or interfere with our use of our trademarks.
Our various trademarks are important to our business. If we were to lose the use of any of our trademarks, our business would be harmed
and we would have to devote substantial resources towards developing an independent brand identity. Defending or enforcing our trademark rights at a local and international level could result in the expenditure of significant financial and
managerial resources.