PROOFPOINT INC
`
`FORM 10-K
`
`(Annual Report)
`
`Filed 02/25/16 for the Period Ending 12/31/15
`
`
`Address
`
`
`892 ROSS DRIVE
`SUNNYVALE, CA 94089
`408-517-4710
`Telephone
`CIK 0001212458
`Symbol PFPT
`SIC Code
`7374 - Computer Processing and Data Preparation and Processing Services
`Industry Software & Programming
`Sector Technology
`Fiscal Year
`12/31
`
`http://www.edgar-online.com
`© Copyright 2016, EDGAR Online, Inc. All Rights Reserved.
`Distr bution and use of this document restricted under EDGAR Online, Inc. Terms of Use.
`
`

`
`Table of Contents
`
`UNITED STATES
`SECURITIES AND EXCHANGE COMMISSION
`Washington, D.C. 20549
`__________________________________
`FORM 10-K
`ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
`þ
`For the Fiscal Year Ended December 31, 2015
`
`OR
`TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF
`1934
`
`For the Transition Period from to
`
`o
`
`Commission File Number 001-35506
`PROOFPOINT, INC.
`(Exact name of Registrant as specified in its charter)
`
`Delaware
`(State or other jurisdiction of
`incorporation or organization)
`
`892 Ross Drive
`Sunnyvale, California
`(Address of principal executive offices)
`
`
`
`
`
`51-0414846
`(I R S employer
`identification no )
`
`94089
`(Zip Code)
`
`(408) 517-4710
`(Registrant’s telephone number, including area code)
`__________________________________
`S ecurities registered pursuant to Section 12(b) of the Act:
`
`Title of Each Class
`Common Stock , $0 0001 par value per share
`
`
`
`
`Name of each exchange on which registered
`NASDAQ Global Select Market
`
`Securities registered pursuant to Section 12(g) of the Act:
`
`
`
`None
`__________________________________
`Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act YES þ
` NO o
`Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act YES o
` NO þ
`
`Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for
`such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days YES þ
` NO o
`
`Indicate by check mark whether the registrant has submitted electronically and posted on its corporate Web site, if any, every Interactive Data File required to be submitted and posted pursuant
`to Rule 405 of Regulation S-T (§232 405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files) YES þ
` NO o
`
`Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K (§229 405 of this chapter) is not contained herein, and will not be contained, to the best of
`registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K o
`Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company See the definitions of “large accelerated
`filer,” “accelerated filer” and “smaller reporting company” in Rule 12b-2 of the Exchange Act
`
`
`
`Large accelerated filer þ
`
`
`Non-accelerated filer o
`Accelerated filer o
`
`
`(Do not check if a smaller reporting company)
`
`Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act) YES ¨
` NO þ
`The aggregate market value of the voting and non-voting common equity held by non-affiliates of the registrant, based upon the closing price of a share of the registrant’s common stock on June
`30, 2015 as reported by the NASDAQ Global Select Market on that date, was approximately $2,435,000,000 This calculation does not reflect a determination that certain persons are affiliates
`of the registrant for any other purpose
`The number of shares outstanding of the registrant’s common stock as of February 12, 2016 was 41,163,655 shares
` __________________________________
`DOCUMENTS INCORPORATED BY REFERENCE
`Portions of the registrant’s Proxy Statement for its 2016 Annual Meeting of Stockholders (the “Proxy Statement”), to be filed with the Securities and Exchange Commission, are
`incorporated by reference into Part III of this Annual Report on Form 10-K where indicated The Proxy Statement will be filed with the Securities and Exchange Commission within 120 days of
`the registrant's fiscal year ended December 31, 2015
`
`Smaller reporting company o
`
`
`
`

`
`Table of Contents
`
`PROOFPOINT, INC.
`FORM 10-K
`For the Fiscal Year Ended December 31, 2015
`TABLE OF CONTENTS
`
`
`PART I.
`Item 1.
`Item 1A.
`Item 1B.
`Item 2.
`Item 3.
`Item 4.
`PART II.
`Item 5.
`Item 6.
`Item 7.
`Item 7A.
`Item 8.
`Item 9.
`Item 9A.
`Item 9B.
`PART III.
`Item 10.
`Item 11.
`Item 12.
`Item 13.
`Item 14.
`PART IV.
`Item 15.
`
`
`Signatures
`
`
`
`Business
`Risk Factors
`Unresolved Staff Comments
`Properties
`Legal Proceedings
`Mine Safety Disclosures
`
`Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities
`Selected Financial Data
`Management's Discussion and Analysis of Financial Condition and Results of Operations
`Quantitative and Qualitative Disclosures About Market Risk
`Financial Statements and Supplementary Data
`Changes in and Disagreements with Accountants on Accounting and Financial Disclosure
`Controls and Procedures
`Other Information
`
`Directors, Executive Officers and Corporate Governance
`Executive Compensation
`Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters
`Certain Relationships and Related Transactions, and Director Independence
`Principal Accountant Fees and Services
`
`Exhibits and Financial Statement Schedules
`Index to Consolidated Financial Statements
`
`
`1
`
`
`
`
`
`
`
`
`
`Page
`
`3
`15
`32
`32
`32
`32
`
`34
`35
`37
`59
`59
`60
`60
`60
`
`61
`61
`61
`61
`61
`
`62
`63
`103
`
`

`
`Table of Contents
`
`CAUTIONARY STATEMENT REGARDING FORWARD-LOOKING STATEMENTS
`
`This Annual Report on Form 10-K contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. All
`statements contained in this Annual Report on Form 10-K other than statements of historical fact, including statements regarding our future results of operations
`and financial position, our business strategy and plans, and our objectives for future operations, are forward-looking statements. The words "believe," "may,"
`"will," "estimate," "continue," "anticipate," "intend," "expect," and similar expressions are intended to identify forward-looking statements. We have based these
`forward-looking statements largely on our current expectations and projections about future events and trends that we believe may affect our financial condition,
`results of operations, business strategy, short-term and long-term business operations and objectives, and financial needs. These forward-looking statements are
`subject to a number of risks, uncertainties and assumptions, including those described in Part I, Item 1A, "Risk Factors" in this Annual Report on Form 10-K.
`Moreover, we operate in a very competitive and rapidly changing environment. New risks emerge from time to time. It is not possible for our management to
`predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to
`differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties and assumptions, the future events and
`trends discussed in this Annual Report on Form 10-K may not occur and actual results could differ materially and adversely from those anticipated or implied in
`the forward-looking statements. We undertake no obligation to revise or publicly release the results of any revision to these forward-looking statements, except as
`required by law. Given these risks and uncertainties, readers are cautioned not to place undue reliance on such forward-looking statements.
`Unless expressly indicated or the context requires otherwise, the terms “Proofpoint,” “Company,” “Registrant,” “we,” “us,” and “our” mean Proofpoint,
`Inc. and its subsidiaries unless the context indicates otherwise.
`
`2
`
`

`
`Table of Contents
`
`ITEM 1. BUSINESS
`
`Overview
`
`PART I
`
`Proofpoint is a leading security-as-a-service provider that enables large and mid-sized organizations worldwide to defend, protect, archive and govern
`their most sensitive data. Our security-as-a-service platform is comprised of an integrated suite of on-demand data protection solutions, including threat protection,
`incident response, regulatory compliance, archiving, governance, eDiscovery, and secure communication. Our solutions are built on a flexible, cloud-based
`platform and leverage a number of proprietary technologies - including big data analytics, machine learning, deep content inspection, secure storage, advanced
`encryption, intelligent message routing, dynamic malware analysis, threat correlation, and virtual execution environments - to address today's rapidly changing
`threat landscape.
`
`A fundamental shift in the sources of cyber crime, from hackers to organized crime and governments, combined with the emergence of international data
`trafficking and sophisticated advanced persistent threats ("APTs"), polymorphic threats, zero-day exploits, and user-transplant "drive-by" downloads, is driving an
`unprecedented wave of both targeted and broad-based malicious attack campaigns designed to steal valuable information. At the same time, the growth of
`business-to-business collaboration and the use of social media for mass communication, as well as the consumerization of IT and the associated adoption of mobile
`devices and unmanaged Internet-based applications, has increased organizations’ attack surface through the proliferation of sensitive data, reducing the
`effectiveness of many existing security products. These factors have contributed to an increasing number of severe data breaches and expanding regulatory
`mandates, all of which have accelerated demand for effective data protection and governance solutions.
`
`Our platform addresses this growing challenge by not only protecting data as it flows into and out of the enterprise via on-premise and cloud-based email,
`social media and mobile apps, but also by keeping track of this information as it is modified and distributed throughout the enterprise for compliance and data loss
`prevention, and securely archiving these communications for compliance and discovery. We address four important problems for the enterprise:
`
`•
`
`•
`
`•
`
`•
`
`Protecting users from the advanced attacks that target them via email, social media, and mobile apps;
`
`Preventing the theft or inadvertent loss of sensitive information and, in turn, ensuring compliance with regulatory data protection mandates;
`
`Collecting, retaining, supervising and discovering sensitive data for compliance and litigation support; and
`
`Enabling organizations to respond quickly to security issues, providing both the intelligence and the context to prioritize incidents and
`orchestrate remediation actions.
`
`Our platform and its associated solutions are sold to customers on a subscription basis and can be deployed through our unique cloud-based architecture
`that leverages both our global data centers as well as optional points-of-presence behind our customers' firewalls. Our flexible deployment model enables us to
`deliver superior security and compliance while maintaining the favorable economics afforded by cloud computing, creating a competitive advantage for us over
`legacy on-premise and cloud-only offerings.
`
`We were founded in 2002 to provide a unified solution to help enterprises address their growing data security requirements. Our first solution was
`commercially released in 2003 to combat the burgeoning problem of spam and viruses and their impact on corporate email systems. To address the evolving threat
`landscape and the adoption of communication and collaboration systems beyond corporate email and networks, we have broadened our solutions to defend against
`a wide range of threats, including e-mail mobile apps and social media, to protect the information people create from both compromise and compliance risks, and
`to archive and govern corporate information. Today, our solutions are used worldwide to protect well over 100 million end-users. We market and sell our solutions
`worldwide both directly through our sales teams and indirectly through a hybrid model where our sales organization actively assists our network of distributors and
`resellers. We also distribute our solutions through strategic partners.
`
`Proofpoint Solutions
`
`Our integrated suite of on-demand security-as-a-service solutions enables large and mid-sized organizations to protect people throughout the enterprise
`from advanced attacks and compliance risks. Our comprehensive platform provides a secure
`
`3
`
`

`
`Table of Contents
`
`email gateway, advanced threat protection, threat intelligence, email encryption, data loss prevention, social media security and compliance, archiving, eDiscovery,
`and threat response capabilities. These solutions are built on a cloud-based architecture, protecting enterprises from inbound threats via email, social media, and
`mobile apps, while identifying and protecting enterprise data not only where it is stored within the enterprise but also as it transits beyond the organization’s
`borders such as via email or social media. We have pioneered the use of innovative technologies to deliver better ease-of-use, greater protection against the latest
`advanced threats, and lower total cost of ownership than traditional alternatives. The key elements of our solution include:
`
`•
`
`•
`
`•
`
`•
`
`•
`
`Superior protection against both advanced and targeted threats. We use a combination of proprietary technologies for big data analytics,
`machine learning, deep content inspection, dynamic malware analysis, threat correlation, threat intelligence extraction, and virtual execution
`environments to predictively and actively detect and stop targeted "spear phishing" and other sophisticated advanced and next-generation threat
`attacks, including APTs, that employ malicious attachments, polymorphic threats, zero-day exploits, user-transparent “drive-by” downloads and
`other penetration tactics. By processing, analyzing and correlating billions of data points on a daily basis, we can recognize anomalies in order to
`predictively detect targeted attacks before users are exposed. Our deep content inspection technology enables us to identify malicious message
`attachments and distinguish between valid messages and "phishing" messages designed to look authentic and trick the end-user into divulging
`sensitive data or clicking on a malicious web link. Our machine learning technology enables us to detect targeted "zero-hour" attacks in real-
`time, even if they have not been seen previously at other locations, and quarantine them appropriately. Our dynamic malware analysis and virtual
`execution environment technologies enable us to examine web site destinations and downloadable files to identify and block potentially hostile
`code that would otherwise compromise end-user computers, even in cases where the web sites are considered reputable or the attachment’s
`malicious payload is obfuscated or otherwise disguised. Our threat correlation technologies enable us to rapidly confirm and contain threats,
`providing rapid, automated protection.
`
`Comprehensive, integrated data protection, compliance, and eDiscovery suite. We offer a comprehensive solution for data protection and
`governance through an integrated, security-as-a-service platform that is comprised of five main suites: Proofpoint Enterprise Protection,
`Proofpoint Information Protection, Proofpoint Enterprise Archive, Proofpoint Social Media Security & Compliance, and Proofpoint Essentials.
`Together, these solutions can improve an organization's ability to detect and mitigate inbound and outbound threats and securely archive and
`discover communication across all major communication channels including on-premise and cloud-based email, instant messaging, social media
`and other web-based applications. In addition, our common policy framework and reporting systems enable organizations to comply with
`complex regulatory mandates, implement consistent data governance policies and ensure end-to-end incident response across the enterprise.
`
`Designed to empower end-users. Unlike legacy offerings that simply block communication or report audit violations, our solutions actively
`enable secure business-to-business and business-to-consumer communications. Our easy-to-use policy-based email encryption service
`automatically encrypts sensitive emails and delivers them to any PC or mobile device. In addition, our secure file-transfer solution makes it easy
`for end-users to securely share various forms of documents and other content that are typically too large to send through traditional e-mail
`systems. All of our solutions provide mobile-optimized capabilities to empower the growing number of people who use mobile devices as their
`primary computing platform.
`
`Security optimized cloud architecture. Our multi-tenant security-as-a-service solution leverages a distributed, scalable architecture deployed in
`our global data centers for deep content inspection, global threat correlation and analytics, high-speed search, secure storage, encryption key
`management, software updates, intelligent message routing, and other core functions. Customers can choose to deploy optional physical or
`virtual points-of-presence behind their firewalls for those who prefer to deploy certain functionality inside their security perimeter. This
`architecture enables us to leverage the benefits of the cloud to cost-effectively deliver superior security and compliance, while optimizing each
`deployment for the customer's unique threat environment.
`
`Extensible security-as-a-service platform. The key components of our security-as-a-service platform, including services for secure storage,
`content inspection, reputation, big data analytics, encryption, key management, and identity and policy, can be exposed through application
`programming interfaces, or APIs, to integrate with internally developed applications as well as with those developed by third-parties. In
`
`4
`
`

`
`Table of Contents
`
`addition, these APIs provide a means to integrate with the other security and compliance components deployed in our customers' infrastructures.
`
`Our Security-as-a-Service Platform
`
`We provide a multi-tiered security-as-a-service platform consisting of solutions, platform technologies and infrastructure. Our platform currently includes
`five solutions bundled for the convenience of our customers, distributors and resellers: Proofpoint Enterprise Protection, Proofpoint Information Protection,
`Proofpoint Enterprise Archive, Proofpoint Social Media Security & Compliance, and Proofpoint Essentials. Each of these solutions is built as an aspect of our
`security-as-a-service platform, which includes both platform services and enabling technologies. Our platform services provide the key functionality to enable our
`various solutions while our enabling technologies work in conjunction with our platform services to enable the efficient construction, scaling and maintenance of
`our customer-facing solutions.
`
`Our suite is delivered by a cloud infrastructure and can be deployed as a secure cloud-only solution, or as a hybrid solution with optional physical or
`virtual points-of-presence behind our customers' firewalls for those who prefer to deploy certain functionality inside their security perimeter. In all deployment
`scenarios, our cloud-based architecture enables us to leverage the benefits of the cloud to cost-effectively deliver superior security and compliance while
`maintaining the flexibility to optimize deployments for customers' unique environm ents. The modularity of our solutions enables our existing customers to
`implement additional modules in a simple and efficient manner.
`
`Solutions
`
`Proofpoint Enterprise Protection
`
`Proofpoint Enterprise Protection is our communications and collaboration security suite designed to protect customers' mission-critical messaging
`infrastructure from outside threats including spam, phishing, unpredictable email volumes, malware
`
`5
`
`

`
`Table of Contents
`
`and other forms of objectionable or dangerous content before they reach the enterprise. Key capabilities within Proofpoint Enterprise Protection include:
`
`•
`
`•
`
`•
`
`•
`
`•
`
`•
`
`Threat detection. Uses our Proofpoint MLX machine learning technology and reputation data to examine millions of possible attributes in every
`message, including envelope headers and structure, embedded web links, images, attachments and sender reputation, as well as unstructured
`content in the message body, to block phishing and spear phishing attacks, spam and other forms of malicious or objectionable content. This
`solution also includes sophisticated policy and routing controls designed to ensure security and the effective handling of all classifications of
`content.
`
`Virus protection. Combats email-borne viruses, worms and trojans with a solution that combines efficient message handling, comprehensive
`reporting, and robust policy management with leading third-party antivirus scanning engines.
`
`Zero-hour threat detection. Protects enterprises against new phishing attacks, viruses and other forms of malicious code during the critical
`period after new attacks are released and before full information is available to characterize the threat.
`
`Smart search. Offers an easy-to-use interface that provides real-time visibility into message flows across an organization's messaging
`infrastructure, using built-in logging and reporting capabilities with advanced message tracing, forensics and log analysis capabilities.
`
`Targeted attack protection. Enterprises are protected against advanced persistent threats such as phishing and other targeted email attacks by the
`use of big data analysis, predictive, virtual execution and dynamic malware analysis techniques to identify and apply additional security controls
`against suspicious messages and any associated links to the web.
`
`Threat response. Provides threat information and Indicators of Compromise correlation, aggregating across Proofpoint and other third-party
`security products, to confirm and contain system compromises. By taking advantage of this automated incident response, enterprises can
`minimize exfiltration windows and leverage staff for breach prevention and mitigation.
`
`Key benefits of Proofpoint Enterprise Protection include:
`
`•
`
`•
`
`•
`
`•
`
`•
`
`Superior protection from advanced threats, spam and viruses. Protects against advanced threats, spam and other malicious code such as
`viruses, worms and spyware.
`
`Comprehensive outbound threat protection. Analyzes all outbound email traffic to block spam, viruses and other malicious content from
`leaving the corporate network, and pinpoint the responsible compromised systems.
`
`Automated Incident Response. Analyzes and correlates incident data to confirm system compromises, then acts to contain systems to help
`minimize and mitigate exposure.
`
`Effective, flexible policy management and administration. Provides a user-friendly, web-based administration interface and robust reporting
`capabilities that make it easy to define, enforce and manage an enterprise's messaging policies.
`
`Easy-to-use end-user controls. Gives email users easy, self-service control over their individual email preferences within the parameters of
`corporate-defined messaging policies.
`
`Proofpoint Information Protection
`
`Our data loss prevention, encryption and compliance solution defends against leaks of confidential information, and helps ensure compliance with
`common U.S., international and industry-specific data protection regulations - including the Health Care Insurance Portability and Accountability Act of 1996
`("HIPAA"), the Gramm-Leach-Bliley Act, Canada's Personal Information Protection and Electronic Documents Act, as well as acts such as CA SB 24, MA 201
`CMR 17.00, ITAR, NERC-CIP, CFTC red flag rules, Basel II, EuroSOX (Directive 84/253/EEC), European Union Data Privacy Directive, and the Payment Card
`Industry Data Security Standard (PCI-DSS). Key capabilities within Proofpoint Information Protection include:
`
`6
`
`

`
`Table of Contents
`
`•
`
`•
`
`•
`
`•
`
`•
`
`•
`
`Advanced data loss prevention. Our advanced data loss prevention solution identifies regulated private content, valuable corporate assets and
`confidential information before it leaves the organization via email, web-based applications, or our Secure Share solution. Pre-packaged smart
`identifiers and dictionaries automatically and accurately detect a wide range of regulated content such as social security numbers, health records,
`credit card numbers, and driver's license numbers. In addition to regulated content, our machine learning technology can identify confidential,
`organization-specific content and assets. Once identified and classified, sensitive data can be blocked, encrypted and transmitted or re-routed
`internally based on content and identity-aware policies.
`
`Flexible remediation and supervision. Content, identity and destination-aware policies enable effective remediation of potential data breaches
`or regulatory violations. Remediation options include stopping the transfer completely, automatically forcing data-encryption, or routing to a
`compliance supervisor or the end-user for disposition. The solution also provides comprehensive reporting on potential violations and
`remediation using our analytics capabilities.
`
`Policy-based encryption. Automatically encrypts regulated and other sensitive data before it leaves an organization's security perimeter without
`requiring cumbersome end-user key management. This enables authorized external recipients, whether or not they are our customers, to quickly
`and easily decrypt and view content from most devices.
`
`Secure file transfer. Provides secure, large file transfer capabilities that enables end-users to send large files quickly, easily, and securely while
`eliminating the impact of large attachments on an email infrastructure.
`
`Secure share . Cloud-based security-focused solution designed to enable enterprise users to securely exchange large files with ease while staying
`compliant with enterprise data policies.
`
`Data Discover . Automated discovery and remediation solution that identifies sensitive content across the enterprise and enables corrective
`action; reduces risk of data breaches and compliance violations.
`
`Key benefits of Proofpoint Information Protection include:
`
`•
`
`•
`
`•
`
`•
`
`Regulatory compliance. Enables outbound messages to comply with national and state government and industry-specific privacy regulations.
`
`Superior malicious and accidental data loss protection. Protects against the loss of sensitive data, whether from a cybercriminal attempting to
`exfiltrate valuable data from a compromised system, or from an employee accidentally distributing a file to the wrong party through email,
`webmail, social media, file sharing, or other Internet-based mechanisms for publishing content.
`
`Easy-to-use secure communication. Allows corporate end-users to easily share sensitive data without compromising security and privacy, and
`enables authorized external recipients to transparently decrypt and read the communications from any device. Our mobile-optimized interfaces
`provide an easy experience for the rapidly growing number of recipients on smartphones and tablets.
`
`Reduction in “attack surface”. Enables the automated protection of sensitive data, reducing the amount of critical information potentially
`exposed to an attacker in a breach scenario.
`
`Proofpoint Enterprise Archive
`
`Proofpoint Enterprise Archive is designed to ensure accurate enforcement of data governance, data retention and supervision policies and mandates; cost-
`effective litigation support through efficient discovery; and active legal-hold management.
`
`Proofpoint Enterprise Archive can store, govern and discover a wide range of data including email, instant message conversations, social media
`interactions, and other files throughout the enterprise. The key capabilities within Proofpoint Enterprise Archive include:
`
`7
`
`

`
`Table of Contents
`
`•
`
`•
`
`•
`
`•
`
`•
`
`Secure cloud storage. With our proprietary double blind encryption technology and the associated data storage architecture, all email messages,
`files and other content are encrypted with keys controlled by the customer before the data enters the Proofpoint Enterprise Archive. This ensures
`that even our employees and law-enforcement agencies cannot access a readable form of the customer data without authorized access by the
`customer to the encryption keys stored behind the customer's firewall.
`
`Search performance. By employing parallel, big data search techniques, we are able to deliver search performance measured in seconds, even
`when searching hundreds of terabytes of archived data. Traditional on-premise solutions can take hours or even days to return search results to a
`complex query.
`
`Flexible policy enforcement. Enables organizations to easily define and automatically enforce data retention and destruction policies necessary
`to comply with regulatory mandates or internal policies that can vary by user, group, geography or domain.
`
`Active legal-hold management. Enables administrators or legal professionals to easily designate specific individuals or content as subject to
`legal-hold. Proofpoint Enterprise Archive then provides active management of these holds by suspending normal deletion policies and
`automatically archiving subsequent messages and files related to the designated matter.
`
`End-user supervision. Leveraging our flexible workflow capabilities, Proofpoint Enterprise Archive analyzes all electronic communications,
`including email and communications from leading instant messaging and social networking sites, for potential violations of regulations, such as
`those imposed by Financial Industry Regulatory Authority ("FINRA") and the SEC in the financial services industry.
`
`Key benefits of Proofpoint Enterprise Archive include:
`
`•
`
`•
`
`•
`
`•
`
`Regulatory compliance. Helps organizations meet regulatory requirements by archiving all messages and content according to compliance
`retention policies and enabling staff to systematically review messages for compliance supervision.
`
`Proactive data governance. Allows organizations to create, maintain and consistently enforce a clear corporate data retention policy, reducing
`the risk of data loss and the cost of eDiscovery.
`
`Efficient litigation support. Provides advanced search features that reduce the cost of eDiscovery and allow organizations to more effectively
`manage the litigation hold process.
`
`Reduced storage and management costs. Helps to simplify mailbox and file system management by automatically moving storage-intensive
`attachments and files into cost-effective cloud storage.
`
`Proofpoint Social Media Security & Compliance
`
`Our Social Media Security & Compliance solution enables customers to effectively protect their online brand presence and social media communication
`infrastructure. Our technology automatically identifies and remediates fraudulent social media accounts, account hacks, and content that contains malware, spam
`and abusive language. In addition, the solution enables enterprises to enforce policies on authorized accounts and posts in order to comply with a wide-range of
`social media regulatory requirements including FTC, FINRA, FFIEC, FDA, HIPAA, PHI, SEC, ABA and more. Key capabilities within Proofpoint Social Media
`& Compliance include:
`
`•
`
`Discovery : Using a native cloud-based platform, customers can quickly find the social media applications, accounts, and properties that are affiliated
`with their brands, measure the footprint and activity for their accounts, benchmark that against competitors, identify key content and risks and report
`on aspects of security and compliance.
`
`• Monitoring : Leveraging social media APIs, the platform can monitor and apply content policies to the brand’s owned social media accounts for
`security, compliance and acceptable use.
`
`•
`
`Protection : Using proprietary Deep Social Linguistic Analysis (DSLA) technology, social media and brand managers can aggregate content from
`across their enterprise and review