Mimecast Limited
Q1 2019 Earnings Call Transcript

Published:

  • Operator:
    Good day, ladies and gentlemen, and welcome to the Q1 2019 Mimecast Earnings Conference Call. [Operator Instructions] And as a reminder, today's conference call is being recorded. I would now like to turn the conference call over to Robert Sanders, Director of Investor Relations. Please go ahead.
  • Robert Sanders:
    Welcome to Mimecast's earnings call for the fiscal first quarter of 2019 ended June 30, 2018. I'm Robert Sanders, Director of Investor Relations. With me on the call tonight are Peter Bauer, our Co-Founder, Chairman and CEO; and Peter Campbell, our CFO. Tonight's conference call is being broadcast live via webcast. A replay of this call will be available on the company's website approximately two hours after the live call has ended. We will make forward-looking statements tonight, regarding the future events and the future financial performance of the company. These forward-looking statements are subject to risks and uncertainties that could cause actual results to differ materially from those in the forward-looking statements. We caution you to consider the important risk factors that could cause actual results to differ materially from those in the forward-looking statements contained in today's press release and this conference call. These risk factors are further defined in Mimecast's most recent Form 10-K filed with the Securities and Exchange Commission. During this call, we will present both GAAP and non-GAAP financial measures. These non-GAAP measures are not intended to be considered in isolation from, a substitute for, or superior to our GAAP results. And we encourage you to consider all measures when analyzing Mimecast's performance. A reconciliation of certain GAAP to non-GAAP measures is included in today's press release, which can be found in the Investor Relations section of our website. The date of this call is August 9, 2018. Any forward-looking statements we make today are based on assumptions that we believe to be reasonable as of this date. We undertake no obligation to update these statements as a result of new information or future events. Now, I would like to turn the call over to Peter Bauer. Peter?
  • Peter Bauer:
    Good evening. Thank you all for joining our first quarter 2019 earnings call. I'll start tonight's call, by highlighting our strong start to the year, and share some of our accomplishments. Next, I'll discuss our platform expansion, with the introduction of our new services for web traffic, and security awareness training. Then I'll cover some unique technology that we have acquired to extend our security capabilities and strengthen cyber resilience for our customers. As we have done in past calls, I'll touch on some new customer engagements, to give you a sense of our progress too and then I'll hand over to Peter Campbell, our Chief Financial Officer, to cover our results in more detail. This Q1 has possibly been one of our most active in a long time from a strategic perspective, I am delighted that while we were executing on many fronts with new product introductions, M&A activities and expanding our presence in Europe, all programs that set us up for even greater medium and long-term opportunity, we've also executed very well in the current period, gaining market share and delivering strong financials. First quarter results exceeded our expectations. Revenue of $78.4 million grew at 35% year-over-year as reported and 31% in constant currency. This better than expected performance was the result of high customer retention, sales of additional services to our base, of now 31,300 subscribers, and the addition of 900 net new customers to our platform. We continue to have success with larger accounts, completing a seven figure upsell with an existing customer and a new Fortune 500 relationship. We won marquee engagements in each of our regions, collectively strengthening our reputation as the cyber resilience leader globally. From a technology perspective, we continue to build out our unified suite of products on top of MIME OS, our multi-tenant micro services based SaaS operating system, that all of our offerings are delivered from. We announced that Public beta of our first web security offering. Mimecast web security leverages the power of MIME OS, including the vast telemetery and intelligence that we gather through protecting our significant global email security customer base. Our web security offering provides this new service to customers in a simple, cost effective format. Inside this same single pane of glass, consistent policy management and reporting environment that they enjoy from all our other products. We're excited about this nascent opportunity, and the extremely fast time to value that we can show our customers who may choose this service in addition to our email security offerings. IDC estimates the market for web security software was $2.9 billion in 2017 and we see an opportunity to evolve our product and gain a share of the spend especially within the base of customers that have already chosen Mimecast as their cyber resilience partner for email. We introduced new capabilities in security awareness training tool. Security awareness training and testing is fast becoming a must have capability for organizations as increasingly as hackers have found success and exploiting an informed apathetic or careless insiders [ph]. They're co-opting or comprising them to gain access to sensitive data, system credentials and all to off on hard cash by helping organizations understand the unique risk profiles of their staff and focusing training and policy efforts in the most important areas we can meaningfully improve customer security postures. Now according to Gartner this market represented $370 million of spend in 2017 and it grew 50% year-over-year. So we're excited to have launched a very compelling offering here from the acquisition of Ataata, which we announced last month. Our solution is effective in improving adherence to security best practices and keeping employees aware of constantly evolving methods being deployed by adversaries. In addition to training we offer risk scoring methodology aimed at identifying high risk individuals and measuring risk mitigation overtime. So we're selling security awareness training to our new and existing customers today. Web security is available to early adopters today and will be generally available during calendar Q4. And we're encouraged by the initial reaction to these announcements and we look forward to updating you on our progress. I'm also pleased to mention that TDPS [ph] continued to enjoy strong sales and our two newer products introduced last year, internal email protect and sync and recover have both continued their strong adoption trends. We also released new functionality for our Google Apps customers to enhance their experience of our platform. Now I'd like to share with you some exciting technology Mimecast has brought to the platform. In July we acquired an advanced malware detection technology through the purchase of Israeli based, Solebit. This unique and ground breaking technology introduces powerful new techniques to identify advanced evasive malware in data files and linked content. This types of malware is a key battleground in the arms raised between organizations and the adversaries that wish to compromise them. Until now the primary approach to identifying this malware has been through Sandbox detonation and behavioral analysis and a key challenge of this approach is that it's computationally intensive and slow, limiting the scale and scope of its use, especially in in-line deployments. And what's more it can be evaded by skilled attackers. The technology we have acquired with Solebit has been proven through a yearlong OEM relationship that we've enjoyed with them to provide an extremely and efficient and effective detection capability within MIME OS. It has been key to several of our strategic wins in email over the past quarters and we've enjoyed a strong engineering collaboration with the Solebit team, envisioning many exciting new areas that we can work with them together on from an R&D perspective. So we're now thrilled to have Solebit as part of Mimecast and look forward to innovating even more closely as one company. As we scale out our email platform further and especially as we evolve our product offerings to additional protocols such as web security and other non-email content venues the value of this high speed malware detection technology becomes a significant advantage. Let me quickly run through some of the engagement wins from this past quarter. Firstly a U.S. based healthcare provider, with over 50,000 employees selected Mimecast for advanced email protection. Now this included protection against advanced impersonation attacks, compromised internal accounts, URL and attachment based threats and sensitive data leakage. This organization has been heavily targeted by advanced malware and so rigorously evaluated Mimecast alongside other leading vendors. Mimecast Solution was selected for having the highest level of efficacy. Now this organization runs a pretty lean IT team and they found by partnering Mimecast they could gain leverage from the in-house skills working with our team and using a single integrated solution to seamlessly manage and solve multiple challenges. Secondly, a U.S. based hospitality company, with about 60,000 users purchased our S2 bundle and added our secured messaging services. This organization was using a computing cloud solution to protect their Office 365 deployment. Despite the layered protection alongside Microsoft, they were dissatisfied with the threats that continued to reach their employees' mailboxes risking security and reputation of their organization. Once again Mimecast was evaluated vigorously before being selected for superior security. Our ability to integrate threat intelligence from Mimecast into this organization's environment through our APIs was also important. Then a UK-based real estate company purchased our M2A bundle which are most comprehensive base bundle solution for email cyber resilience. Now this solution includes, advanced security, data leak prevention, uptime assurance and achieving. The customer also added sync and recover, our cloud data recovery service. Prior to selecting Mimecast threats were bypassing their incumbent security gateway causing downtime and risk to the company. With Mimecast, they simplified IT back consolidating multiple cloud workloads from disparate on premise vendors to the Mimecast Cloud. And they achieved more robust protection. This was a 6-figure deal from a mid-sized organization employing only a few thousand staff. Finally a U.S. based technology company with around 70,000 employees purchased our S1 solution for protection from targeted and unique one-off malicious URL attacks and social engineering attacks focused on very specific people in the organization. There were attacks with and without malware that were finding their way to end users' mailboxes. So after a side by side proof of concept versus other leading security vendors, Mimecast was once again selected for superior effectiveness in blocking advanced threats. Now we're thrilled to expand our franchise here within the tech sector, we're today we already protecting some of the leading and most innovative technology and cybersecurity companies in the world. Now I'd like to take a moment to welcome the new employees who've joined us from across the globe as we continue to attract people seeking an opportunity to do the best work of their careers. With the acquisitions of Ataata and Solebit we bolster our in-house research and development capabilities and we speed our time to market in some key areas of opportunity. This builds on investments and organic R&D that we've continuously performed since our founding in 2003, building a consistent contiguous solution on a unified platform, that allows us to profoundly simplify IT and solve additional customer needs overtime. So in summary, it's been an exciting three months since we talked with you last. We've launched two new services Web Security and Security Awareness Training. We acquired a unique leading-edge technology that benefits customers through stronger protection today and powerful new offerings going forward. Finally, we delivered on our financial targets exceeding the midpoint of our guided range for revenue. With that as an introduction I'd like to turn the call over to Peter Campbell to discuss our financial results in more detail.
  • Peter Campbell:
    Thank you, Peter. Before discussing our results for the quarter, I would like to remind everyone that we adopted the ASC 606 Accounting Standard effective April 1, 2018. We spoke last quarter regarding the acceleration of some revenue into earlier periods but that we expected the overall effect on our revenue would be minimal. Because of the small impact on revenue and the straightforward nature of the impact on our expenses, we will be providing commentary under 606 only. We will provide additional clarification where the difference between the new and old standard is material. So let me talk about our results. Our fiscal 2019 is off to a great start with a record Q1 despite experiencing foreign exchange headwinds. We exceeded the high end of our guidance on revenue and achieved the high end of our guidance on adjusted EBITDA. We generated revenue of $78.4 million which represents growth of 35% as reported and 31% in constant currency over the first quarter of 2018. Note that this achievement was negatively impacted by $0.8 million in foreign exchange when compared to our guidance last quarter. Adjusted EBITDA was $10 million in the first quarter representing an adjusted EBITDA margin of 12.7%, compared to $5.1 million or 8.8% in the same quarter in the prior year. Net customer additions were 900, in line with the first quarter of the prior year but down from our fourth quarter due to normal first quarter seasonality. As Peter noted our total customer count now stands at 31,300. Our average order value or AOV was consistent with the prior quarter at 10,100 and up from the same period in the prior year at 8,800. The AOV in the current period was negatively impacted by foreign exchange headwinds from the rand and the pound in the amount of 300. The increase in our AOV was driven in large part by customers buying multiple services from us. Average services per customer across our base increased to 3, representing a $37 ARPU. With the advent of our new DNS gateway service and our security awareness service, we believe, that we have significantly increased the total addressable market of services we can provide to new and existing customers. Prior to the advent of these new services, customers that take all eight of our services to pay us $95 per user, per year on average. This represented a significant upsell opportunity in our current base, even before we add the effect of these new products. While we are still evaluating the pricing for these products, we believe that this will increase the total for a fully loaded user by $20 to $25. 34% of our customers are now using mine cast Mimecast in conjunction with Office 365, up from 31% last quarter and 24% in the first quarter of 2018. Mimecast's Office 365 customers purchase a higher number of services per customer, 3.3 compared to 2.8 services for customers not on Office 365. Our revenue retention remains strong at 110%, as our customers consistently renew their subscriptions and purchase additional services. Our revenue churn remains at 3%, at industry leading retention rate we have experienced for the last seven years. Turning to gross margin for the first quarter, we recognized a 73% GAAP gross margin consistent with the prior quarter and ahead of our 71% to 72% forecast. We expect gross margin will continue at or around current levels throughout fiscal 2019, as we scale our datacenter investments in Germany. First quarter operating expenses were $59.5 million compared to $44 million for the same period in the prior year. R&D expense was 17% of revenue in Q1 compared to 14% for the same period in the prior year, related mainly to an increase in engineering and product related headcount, as we invest and continue to innovate. We expect R&D expense to continue at this level for the balance of the year. Sales and marketing expense was 44% of revenue compared to 47% of revenue for the same period in the prior year, but increased in absolute dollar terms. Our sales and marketing expenses in Q1 were reduced by $2.3 million in commission expense under 606 as commissions are now deferred and amortized over the expected life of the customer. Over time this difference will reduce as each year we will see an additional year's amortization included in the expense amount. G&A expense at 16% included certain a one-time fees related to the acquisitions of Ataata and Solebit. Excluding these costs we would see a slight improvement over the same quarter in the prior year. We expect G&A to be a source of leverage over time. Adjusted EBITDA in the period was $10 million or 13% of revenue up from $7.2 million or 10% in the prior quarter and $5.1 million or 9% in the same quarter in the prior year. Adjusted EBITDA was positively impacted by the aforementioned change to sales and marketing expense, as a result of the application of ASC 606. First quarter GAAP net loss was $3.5 million or $0.06 per basic and diluted share, based on $59.2 million weighted average shares outstanding. Our non-GAAP net income for the quarter which reflects our GAAP net income exclusive of the effects of stock option expense was $2.2 million or $0.04 per basic and diluted share. We generated $9.1 million in free cash flow in the quarter, compared to $1.9 million in the previous quarter. In the first quarter, our operating cash flows were $16.6 million which is an increase of 43% over the same period in the prior year. We believe that the increase in free cash flow and operating cash flow are indicative of the ability of our model to generate significant cash returns as we scale. However, we expect that free cash flow will fluctuate from quarter-to-quarter as we grow. Turning to the balance sheet, as of June 30, Mimecast had $149.5 million in cash and short-term investments. Our long and short term deferred revenue balances decreased by $8.5 million during the period resulting from reductions due to foreign exchange and the elimination of certain balances related to the adoption of ASC 606 of $11 million in the aggregate. As we adopted ASC 606 using the modified retrospective approach, these changes were applied on April 1, 2018. We bill our customers monthly, quarterly, and annually depending on the location of the customer globally, as well as their preference. We operate in many different currencies. Both of these items can affect the timing and amount of deferred revenues, particularly in times of sharp fluctuations in foreign exchange. As a result, deferred revenue does not always provide a good forward measure of our progress. In connection with the acquisitions of Solebit and Ataata, which we announced after the close of the quarter, we closed $100 million term loan and $50 million revolving credit facility in July 23. This will not impact our financial results until the second quarter. We expect that interest expense related to this facility will be approximately $3 million in fiscal 2019. Now let me turn to guidance. For the second quarter of 2019, we expect constant currency revenue growth to be in the range of 28% to 29%, and revenue to be in the range of $80.4 million to $81.2 million. Our guidance is based on exchange rates as of July 31, 2018, and includes an estimated negative impact of $0.2 million resulting from the strengthening of the U.S. dollar compared to the prior year. Adjusted EBITDA for the second quarter is expected to be in the range of $9.6 million to $10.6 million. Full year 2019 revenue is expected to be in the range of $329 million to $335.9 million or 26% to 29% growth in constant currency. Foreign exchange rate fluctuations are negatively impacting this guidance by an estimated $1.2 million, compared to the rates in effect in the prior year. Due to the fact there was some profound rate moves during the quarter relative to the pound and the rand, I'm going to provide you some additional information with respect to our guidance. Our initial revenue guidance for fiscal 2019 provided in May was $332.5 million at the midpoint. Since then foreign exchange has negatively impacted this guidance by an estimated $7.5 million. However, our overachievement in Q1 of $2.5 million coupled with the strength we have seen in our business is leading us to raise our full year guidance by $5 million, exactly offsetting the effects of foreign exchange. Said another way, we are reaffirming our full year guidance despite a $7.5 million headwind from foreign exchange. I would also note that while we are excited by the potential of our recently announced services, including our platform extension to web security and security awareness training, we do not expect a material revenue impact in fiscal 2019 related to these new services. Full year 2019 adjusted EBITDA is expected to be in the range of $47.7 million to $49.7 million. We've revised our adjusted EBITDA guidance down by $1.3 million, mainly related to the negative impact of foreign exchange in the amount of approximately $1.9 million. We are also planning to increase the amount of investment in research and development related to the Ataata and Solebit acquisitions. This has been offset by the additional leverage we expect to generate in the model this fiscal year. In summary, I'm happy to once again deliver results that exceed our expectations. I'm also very pleased with the way our global teams perform together to launch new products, acquire new technologies and remain focused on Legendary Customer Service. So with that, I would like to thank you for your time and open the line to your questions. Operator?
  • Operator:
    Thank you. [Operator Instructions] And our first question comes from Gabriela Borges of Goldman Sachs. Your line is now open.
  • Gabriela Borges:
    Great. Good afternoon. Thanks for taking my question. Maybe for Peter Bauer, I know you get asked about this every quarter but the incremental color is always helpful to us. Could you talk about win rates in the mid-market and the larger end of the enterprise customers that you're getting today, 5,000 seats now about? And maybe just give us an update on the pricing environment. Thank you.
  • Peter Bauer:
    Great, thanks Gabriela. Yes, so once again we've had a great run in our huge mid-market opportunity and as I pointed out in the prepared remarks, some really nice wins up market as well that we're very pleased with. So this mid-market opportunity we really see as being in that sort 50 to 5,000 seat space. That's where we're doing about 75% of our revenues today. There are many organizations in each of the global markets that we operate in and we've very successful at excelling to in our product and our go to market motion is optimize for capturing that opportunity. So we remain very focused on that. At the same time, we do continue to be pulled up market into some of the larger opportunities. I think that some of the reasons that I spoke about with some of those larger wins a few moments ago is down to the quality of our product, the superior security efficacy that we're able to demonstrate and deliver to these customers; and also because of the comprehensive nature of our suite, and how it can really help even larger organizations to simplify the IT environment. And particularly larger organizations which have what we think about is a lean IT staff. So not a particularly large team of IT and security folks in many cases. From a pricing environment point of view, again we seen that being pretty consistent over previous quarters. We've continued to see customers buying more products from us and buying into the suite. And that's giving us some nice flexibility because of the differentiated nature of our bundles and the differentiated nature of the some multi-solution capability that we offer that makes it really nice for our sales organization to be able to control the pricing conversation with customers.
  • Gabriela Borges:
    That's helpful color. Thank you and a follow up if I may, on one of the strategic announcement, specifically with the initial foray to web services. Could you just talk a little bit about the decision to start adding on that particular functionality specifically as it pertains to the marquee tenant architecture that you have. Why is that the right fit in addition to services that you already provide. And to the extent you can share a little more about the roadmap that will be really helpful. Thank you.
  • Peter Bauer:
    Yeah. Great. Absolutely. So obviously email is a huge security threat vector. And we specialize on that and we've gained a lot of knowledge and experience. We have a huge amount of telemetry and a big network of customers and exposure to the threat landscape through our email business. We've also built all of these solutions as you mentioned in a multi-tenanted micro services architecture. And there is some generic capabilities security capabilities that we built out in MIMO OS or our email products and our targeted threat protection product in particular that are highly applicable to the web security threat vector. And so we took a look at this market opportunity and felt that it has some similarities to the email market, in that there are many legacy competitors in the space just like we've seen historically in emails market. There is many applied space deployments out there. There are many first generation cloud offerings in the market. We thought that we have a unique advantage in leveraging MIMO OS to extend our suite to deliver something that's both simpler and cheaper but also a more powerful solution to our customers. And then we would have somewhat of an unfair advantage in particular taking that solution to the 30,000 plus customers that we have in our base as an extension to the email solutions, that they've chosen with us. So we started the journey we've announced that this is a V1 of our product. And the roadmap and the investment will continue. And we think that some of the developments that we put in place around web security will also play back and be complementary into our core email products as well. So we think that they're highly synergistic from an R&D perspective and obviously bring great value to customers being able to buy both of those solutions with the same suite.
  • Gabriela Borges:
    I appreciate the color. Congrats on the quarter.
  • Peter Bauer:
    Thanks, Gabriella.
  • Operator:
    Thank you, and our next question comes from Saket Kalia of Barclays. Your line is now open.
  • Saket Kalia:
    Hey guys. Thanks for taking my questions here as well. Maybe first for you, Peter Bauer just picking up on the web security announcement. Can you just talk a little bit more about your go-to-market strategy for kind of building the business and also just as importantly frankly how the competitive landscape looks specifically in the mid-market customer base. I think we all know sort of how it looks in web security more broadly but is that landscape any different in your customer base and is that something you can take advantage of?
  • Peter Bauer:
    Yeah, absolutely that's a great question, Saket. So in the mid-market there are a large number of customers who certainly when we look within our customer base, the customers there are relying on on-premise based web security solutions. Now those maybe unified threat management capabilities that they are using through their Firewall vendor or those maybe endpoint based web - full training on web security offerings or they may be full blown web proxy who sit on the edge of their network. The challenge with all of those is that they are part of a legacy generation of technology. So the efficacy and the responsiveness that they can offer is less. But also the coverage that they provide is increasingly in users and applications and devices are moving off the network and organizations are going through a changes such as M&A and other forms of expansion and so the appetite for a more flexible cloud-based solution much like what we deliver to our email customers, we found to be pretty good. So we're going into those markets I think with a good proposition, a could V 1 [ph] proposition. We're going to learn and we're going to grow within the space but we think it's a long game and we think that the markets can be served better by a more integrated solution. From a go-to-market point of view we expect to sell this SKU very much like all of our others as a subscription-based offering. We think that it's somewhere between $10 and $20 on a per user per year basis we think the market is pretty big. There's a few hundred million users out there like with our email solution that we can sell through. IDC recently updated their numbers on the market sizing. I think you and I talked about that as well, $2.9 billion spent in this area. So we think it's a nice market that can probably support several strong players in the space. Our existing sales people along with all of the other products our sales teams are all trained to be able to sell the whole suite. They're all multi-product trained and that's particularly effective in the mid-market and our initial focus naturally will be on our existing customer base where we have something over an unfair advantage.
  • Peter Campbell:
    And just to add to that I mean for this product as Pete said is V1, it's still early days I think we're going to learn a lot this year. We're going to continue to develop it. So we don't expect to see significant revenue achievement on that product in this fiscal certainly. I think we'll spend this year kind of developing and learning and evaluating the way in which we can best attack this opportunity.
  • Saket Kalia:
    Got it. Maybe from my follow up for you Peter Campbell with the acquisitions in the quarter Ataata and Solebit, can you just touch a little bit on any potential revenue and profitability impact that those might be having? It doesn't seem like it is based on the guidance but I was just wondering if you could talk about sort of annual run rates whether the model's digesting any sort of purchase accounting impact and sort of anything related to those deals vis-à-vis the guide?
  • Peter Campbell:
    Sure, sure, so on first off I'd say we're really excited about the profitability and the potential of these new technologies that we purchased, both Ataata and Solebit. Both of these acquisitions are technology acquisitions. We've acquired a small number of customers. Ataata has less than a 100 customers, Solebit has less than 10 customers. So we acquired a small number of customers not a material not on revenue, particularly once we take into account the deferred revenue head cut, we are going to have to take on the purchase accounting. I think the benefit here is the increased competitiveness in our core and emerging products that we going to see and particularly with the subscription model, we expecting to see the effects of that in fiscal '20 which begins in March. But we don't expect to see a material amount of revenue, this fiscal year, through the acquisitions. But we do expect to see that kind of start to build a hell of steam and start to reflect on next fiscal year. With respect to the bottom line, I did mention in my prepared remarks that there is some additional engineering investment for Solebit and Ataata particularly the kind of engineering team that we picked up from Solebit. I didn't - I don't expect that to have an effect on - I do expect it to have an effect on bottom line, but as I mentioned in my comment that the gains that we saw in and the leverage that we saw in the model in the first quarter and we expect to see in the rest of the year as all saying the additional expenditure that would have hit the bottom line in fiscal '19. So we would expect that to be very flat.
  • Saket Kalia:
    Got it, very helpful guys. Thanks very much.
  • Peter Campbell:
    Thanks Saket.
  • Operator:
    Thank you, and our next question comes from John DiFucci of Jefferies. Your line is now open.
  • Unidentified Analyst:
    Hey guys, this is Joe on for John, thanks for the question. You've organically and through M&A done a great broadening the product portfolio in the context of the breadth of Mimecast existing operating. But how should we think about it going forward. Are you happy with the current portfolio and monetizing that? Or is there any other solutions or low hanging fruit of areas of capabilities that you would like to add?
  • Peter Bauer:
    Yeah, Joe, I think, we're also - we're already thrilled with the progress that we made introducing new offerings. I think, at the time of IPO and shortly after, we spoke about introducing an additional spillable [ph] module, so roughly every 18 months or so. If we look back at back fiscal we had two new spillable modules with IEP or internal email protect and sync and recover. And both continue to gain traction and grow as product. This fiscal we've already announced the two new spillable products with the Ataata product as well as our web security product. So we are really pleased with how we're executing and innovating and bringing new propositions and offering to market on the platform. Naturally that will continue. That will be additional capabilities that we deliver in the following fiscal, no doubt and the things that we're working on. We think the MIME OS platform gives us real leverage into new areas that we can develop organically and naturally we will be looking, from an M&A point of view at opportunities that might say capitalize our ability to expand. Having said that, we continue to invest, the bulk of R&D results in the core cyber resilience for email proposition. And we think there is still a very large opportunity in advanced email security and in the email and unstructured data archiving space and some of the other smaller adjacencies that we've already entered into around that space. So you'll also see in our product announcements a number of improvements and upgrades that we have introduced to our existing customer base in each of those areas and new capabilities that we introduced in targeted threat protection around impersonation and various other things like that. So we're - Pete mentioned in his prepared remarks that we've continued to increase our investment in R&D. We're very excited about this platform and we're excited there as more and more customers are looking to cloud to solve more of the problems that we can help them with.
  • Unidentified Analyst:
    That's helpful and good to hear. And then just a quick follow up. I think, you mentioned to deferred third revenue there was $11 million headwind from ASC 606. Can you quantify the FX impact as well?
  • Peter Bauer:
    Sure, that's the total headwind. So we had an impact on deferred revenue of $11 million of which $6 million has to do with ASC 606 affect and $5 million has to do with foreign exchange.
  • Unidentified Analyst:
    Okay, thanks guys.
  • Peter Bauer:
    Thank you.
  • Operator:
    Thank you and our next question comes from Matt Hedberg of RBC Capital Markets. Your line is now open.
  • Matthew Hedberg:
    Hey, great guys, thanks. I wanted to ask you about your new German data center that came online this year, how that's progressing. And then be more broadly speaking, how do you think about additional investments in the continent to support additional geographic expansion there.
  • Peter Bauer:
    Yes, Matt thanks. So as you know we opened our German data centers - it was yes, - in June, yes. I had a look, they really good, blinking lights, wired service and cool air. So it felt like a real blooming, breathing Mimecast data center. The team has got it done and doing really well and we've been finding some good initial business. We've brought on a nice mid-size accounting firm, we signed a law firm, and we brought in a great education customer, retail customer, and provincial governance. Also a number of midsized manufacturing firms, which I think is sort of playing out as we sort of early steps of exactly how we perceive that market to be available to us. So a great mid-market opportunity across multiple sectors, a strong manufacturing base. That's certainly open to our preposition, a slightly different landscape from an Office 365 perspective, lower penetration in that market, initiating, we are excited about that because we think that's a growth opportunity for us as that fixes up more momentum in the coming years. So, we really feel we have creatively put on our investment in that market and we look forward to more.
  • Peter Campbell:
    So Matt, just so you know, I mean, we have been selling into the continent for many years. We've - our office in Germany, followed an office that we had in the Netherlands. And before that we were selling out of the UK. So we are now - the Germany is a full service office with CS people with service delivery people, with wholesales teams and a grid. It is a much more kind of permanent establishment if you will in terms of building out a base to kind of service, not only German but European customers and we are very kind of excited that, that is now fully up and running. The data centers slowing going and Pete mentioned some of the those initial, and it's very encouraging, we think it's a big market to take advantage of there and now we're set to do that a bit more aggressively.
  • Matthew Hedberg:
    That's super helpful. Thanks for that additional color. And then as a follow-up question, we have been spending a lot of time talking about your success in slightly larger customers. But I was very curious on the opposite side of that. I think we're about a year and a half away from your key customer, as I think a lot of that was due to the smaller [indiscernible] customers. Can you talk about the trends you have seen in that base of customers as they renew, has there been much upsell, beyond sort of the initial conversion and maybe how the renewal rates trended there, I assume they are probably lower given some of the more of the smaller but same, any additional color on that, now you had some time to see some of those customers renew.
  • Peter Bauer:
    Sure, so certainly, what we call micro customers, have a tendency to go through bankruptcies [ph], more and more directly. So just to kind of refresh everybody on the renewal rates. They were a 110%. Our churn rate is about 3% and it has been like that for seven years. Within that churn rate about half of that is M&A and bankruptcy. So we do see kind of bankruptcies. We're more likely to see that in when we call the micro customers. But we did add a large number of customers through the McAfee tailwind and many of those customers has renewed and continue to renew and benefit from our service. I would say, you are right that when you look at really small customers, they are less likely to take advantage of the full depth of the services that we can provide. The inter-connectiveness of the contiguous services that we can deliver on the grid and the multiple benefits that you'll get from them aren't always applicable or useful to five or 10 seat shop. But that said those customers do represent a smaller amount of our revenue. Our upselling, like selling, retaining our customers and selling them additional product is a core competency of the business and we do continue to do that across the base. And so there are a number of small customers that do that. We do continue to sell additional products to small customers, but as you said, they are very micro ones would be less likely to take multiples of products.
  • Matthew Hedberg:
    That's great, thanks, well done on the quarter, guys.
  • Peter Bauer:
    Thank you, Matt.
  • Operator:
    Thank you, and our next question comes from Catharine Trebnick of Dougherty. Your line is now open.
  • Catharine Trebnick:
    Thanks for taking the question. Two housekeeping items before the hard one. One is the $11 million deferred revenue, that was year-over-year. So on a quarter-to-quarter basis what would be the FX impact?
  • Peter Campbell:
    So that was - first of all the $6 million sliced off the balance sheet because of 606, ghosted [ph] and wiped into the past. So that's the first bit. The second bit, the $5 million was the effect of from our March 31st rate till the end of June, the amount of deferred revenue that was erased as the rates change particularly the pound and the rand.
  • Catharine Trebnick:
    Okay. Thanks for clarifying that. I heard it wrong. Thank you. And then the second question is you said you had 8 services that tally roughly $95 per user per year. Now is that including two new ones you just released this quarter or not?
  • Peter Campbell:
    No, it isn't. So, first of all when we talk about that that's the net amount that we would get and it's an average that would be revenue generated by us per user per year and that related to the initially [indiscernible] with these two new products you would add over $20 to $25 on top of that.
  • Catharine Trebnick:
    All right. That's it. Thanks a lot, really good quarter, guys.
  • Peter Campbell:
    Thank you.
  • Operator:
    Thank you. And our next question comes from John Pack [ph] of BMO Capital Markets. Your line is now open.
  • Unidentified Analyst:
    All right. Thanks for taking the question. It's John Pack for Keith Bachman. Your Office 365 customers continue to grow nicely at 35%. Can you give us your thoughts on the adoption rate of Office 365 for Microsoft's installed base, relative to yours?
  • Peter Bauer:
    Yeah. Absolutely, so we think that our base is actually quite a good proxy for Microsoft's own progress, give or take a few percentage points in one direction or another. Our customer base represents a pretty typical Microsoft productivity tools user organization. So yeah, we would guess the fact that we have 35% or our customers using 365 and the balance largely on-premise Exchange probably does reflect the market.
  • Unidentified Analyst:
    Okay. Great. And the follow-up is, can you talk about the security capabilities of Microsoft's E5 bundle relative to your Mimecast Email Security capabilities and pricing as well?
  • Peter Bauer:
    Yeah. Great. So E5 is a premium SKU that Microsoft Office - it includes a number of additional features, telephone systems and Call BI [ph] and few other capabilities. Included in that are some more advanced Email Security capabilities when you would get any threat. The SKU is meaningfully more of an investment for customers. I think it moves from being about $240 SKU up to being up to $1,400 for the E5 SKU. E3 is by far the most popular that Microsoft is pretty eager to get more customers buying E5. I think from our point of view, we are successful in selling our services to both E3 and E5 customers alike. Our message to customers is use whatever use security capability you get from Microsoft don't turn anything off. Use and leverage any security technology that you offer that you license from them. I think the reality is though that Microsoft has a bit of an intractable problem because email is such a focused on vector, and such a diverse vector of attack organizations that there are many, many attackers who are sitting all day every day with Office 365 accounts figuring out exactly how to get anything from spam, malware, fishing, impersonation attempts, through Microsoft's defenses and finding out how to gain that system. And so relying on Microsoft solely as your protection in such an important area as email security is often not a great idea and certainly viewed by a security professionals as not been some best practice arrangement. So we've been very welcome in those deployments to add focused, best of breed layered security on top of Office 365, help the customers have a great experience of 365, help them be more confident, more secure and more resilient, both with our additional security technologies as well as our continuity offering and our data recovery capability that we layer on top of Office 365 as well. So a really complementary suite of products for 365.
  • Peter Campbell:
    Just to reinforce that, I mean we've seen that our customers and the market as a whole is applying a layered approach to security. They don't one company to take care of something that's as critical as your data. And so we've also noticed that we've seen customers that use S&P [ph] in conjunction with Office 365 buying multiple products from us even more of than customers who use us with Office 365. We've seen increased demands of security of continuity of archiving and TTP from Office 365 customers which has been consistent as we monitor this quarter over quarter over quarter.
  • Unidentified Analyst:
    Great. That's very helpful. Thank you.
  • Peter Bauer:
    Thank you.
  • Operator:
    Thank you. And our next question comes from Tim Klasell of Northland Securities. Your line is now open.
  • Tim Klasell:
    Hey guys. I'll add my congratulations as well on a nice quarter. First question has to do with the two recent acquisitions. Obviously technology I'd almost call them aqua hires if you will. Is that we should expect going forward, should other opportunities arise, or what's your appetite for acquisitions that maybe have more installed base and revenue streams maybe a little bit larger. Thank you.
  • Peter Bauer:
    So, Tim, it's Peter Bauer here. And the way we thought about M&A historically has been, how do we build products and capabilities within the design ideology that we fall out with MIME OS. So the key to this is looking at such a large market opportunity denominated in hundreds of thousands of organization. And today we have 30,000 customers building an integrated suite. So that each customer gets a very simple experience despite the fact that there is a broad range of solutions within it. But also that as from an operational point of view our working with a contiguous multi-tenanted platform with the same code-based and the same leverage of micro services that underpin all of our product. It means that we have added firstly to an enormous amount of organic development, but then secondly that we are extremely selective about how we approach M&A as well. And so that's what you're seeing play out in our M&A strategy today. So I would anticipate that our intention would be more towards technologies and skills that are consistent with that approach. And then we are probably less likely to be a company that some up and buys wholesale businesses with go-to-market functions and teams and revenues and things like that. That maybe something for later down the line in our evolution as a company but right now we're really following this methodology and looking at M&A as a catalyst for progress along that track as opposed to something that's perhaps more financially driven.
  • Tim Klasell:
    Okay. Great. And then a quick follow-up. As you go into Germany, obviously a lot of mid-sized corporations there but the Office 365 drivers and I know maybe GDPR and other things, what's different inside of Germany than maybe what we're used to seeing in UK and United States. Will the profile be different of that sort of customer? Thank you.
  • Peter Bauer:
    Yeah. I think the nature of German companies other than the large multinationals and the big public companies, I think there is a huge number of private companies often multi-generation and family owned organizations, there is a huge manufacturing and engineering sector there. And so the attitudes and the orientation towards technology investment is a little bit different from what one might see in the UK or the U.S. for example. So I think what we're seeing is an increased awareness around cloud and increased awareness around the security imperatives, and a desire not to be caught short in regulatory areas, particularly things like GDPR. And so we think that as those things come together, it provides a really nice opportunity to bring Mimecast Cloud solution into that market at a time when we would think that cloud technologies really underpenetrated and cloud security technology is underpenetrated. And we have a lot of experience with that because as a cloud company starting in 2003, we spent a lot of our time selling a cloud solution, to a base that wasn't readily moving mail boxes to the cloud but it was looking to simplify and it was looking to offload complex infrastructure, and skills intensive workloads, like the ones that we take care off, to a cloud partner. So we think that we can pick up nicely on that market opportunity. We've obviously hired people with good loads of knowledge and experience in that market and we're building out our partner base to be able to engage with that market very specifically and the investment in local data centers, I think is another very important step in addressing an opportunity.
  • Tim Klasell:
    Okay, great, thank you very much.
  • Operator:
    Thank you, and our next question comes from Alex Henderson of Needham. Your line is now open.
  • Alex Henderson:
    Sneaking in under the bell there. Just a simple one to start off with if we could, could you give us an update on what you think your tax lines are going to look like over the next couple of quarters?
  • Peter Campbell:
    Sure, so we had a provision of about 858 this quarter. I think it's going to be from a GAAP point of view, you going to see that be fairly consistent. And that relates to the taxes, related to our South African operation. From a non-GAAP basis, we're pretty much in line with the provision on a GAAP basis this quarter. But that's going to change as we get through the year, because our U.S. operations profitability ramps up through the rest of the year. So from a non-GAAP basis, you're going to see another couple of million in the back half of the year related over and above the GAAP provision from a non-GAAP provision.
  • Alex Henderson:
    So you are saying that - take the first quarter non-GAAP number in that of a 1 million [ph] by the end of the year.
  • Peter Campbell:
    Well what I am saying is that first quarter number about 860, is going to repeat itself, so about $3.5 million little bit more on a GAAP basis. But I would add another couple of million on top of that, 2 to 2.5. Most of that's going to be in the back end of the year for a non-GAAP basis.
  • Alex Henderson:
    Great. Going back to the Office 365, for a second, when you look underneath the surface of the customers that you're adopting that you're picking up with respect to that 35% number. Can you talk a little bit about the display of them relative to smaller and larger businesses and how they - how those percentages are changing. Are you seeing any move downstream into the middle market there or are those mostly larger companies.
  • Peter Bauer:
    Yes, we are seeing it very consistent across our base. So it's a pretty even split, we don't see it deviating at all really from our average base.
  • Peter Campbell:
    Yes, I think it's pretty consistent small medium and large.
  • Alex Henderson:
    Okay, and then if I could just ask one question more since that was so quick. Can you explain to me what it was this different in the advantage base of malware protection that you're getting here to get around using Sandboxes and UBA, so I can't understand what the mechanics are that you're delivering?
  • Peter Bauer:
    Yes, great technical question. So what the Solebit team recognized was that malware is essentially machine executable code, or fragments of machine executable code that can be pulled together, but it essentially gets transported into an organization in a data file. So that maybe inside the construct of a JPEG file, it could be hidden inside a word document or a PDF and it is either a complete attack inside that file or a component of an attack that is being executed. And so they basically said rather than kind of detonate these files, as one would in the Sandbox environment, and then look to see what happens and look to see how that interacts with the operating system and what tricks it tries to pull, they said let's just look for code, that shouldn't be there. And let's take a zero tolerance approach and say they shouldn't really be any of this kind of code, inside of these files. But the reality is that sounds like a simple methodology. But it's sort of easier said than done, because there a lot of very advanced ways of hiding and obscuring code inside data files. And so as they developed their technology they really also had to specialize in detecting these evasive techniques and these evasion strategies to be able to really peer very, very deeply into files and look for obfuscation and different techniques of hiding code. And so we spent a lot of time with the team and with their technology over the past year and a bit, and really had an opportunity to run their technology and also collaborate with them on the evolution of it, side by side with, the greatest and the best of detection technologies that we have in our stack today, some of which are homegrown, some of which are community technologies, open source technologies, and several of which are commercial technologies that we license in to create a defensive death strategy. So we've really gained a very deep understanding of the unique effectiveness of this technology, how it performs relative to things like sandboxing, how performs relative to various other techniques, both from an efficacy point of view, but also from a speed and efficiency point of view. And so we found it to be so compelling, we decided we would like to own the technology and have the team as part of Mimecast to continue the innovation journey around this approach.
  • Alex Henderson:
    That's very helpful. It's quite clear how you could extend that into a variety of things. Thank you for the explanation.
  • Peter Bauer:
    Thank you.
  • Operator:
    Thank you. And our next question comes from Sterling Auty of JP Morgan. Your line is now open.
  • Ugam Kamat:
    Hey guys, this is actually a Ugam Kamat on for Sterling. So regarding your decision for going into web security, I just wanted to ask, like you said about the investment that you're making in your core email security space. But are you kind of seeing diminishing returns on those particular investments and you want to extend into adjacent and market of security? Or is it more of like realizing the breadth and scope of technology so that you can go or penetrate into those adjacent areas?
  • Peter Bauer:
    Yes. I think quite the opposite to Password [ph], which is suggesting at first. As our base grows and as the scale of our platform increases, both from a user perspective, as well as from a number of monetizable use cases or products, if you want to put it in another way. The stronger our leverage becomes over these underlying capabilities, so as we're adding more and more users, more and more customers and also as we're adding new regions and routes to market, our leverage on this platform is increasing really nicely overtime. Obviously adding a new billable SKU on top of the platform is complementary to that strategy as well. It also creates additional on ramps for new customers to come and join the platform and provides even more stickiness. So there are many sort of dimensions to the leverage that we enjoy off the platform. And that also really motivates us to stick to the methodology and so design ideology behind this technology and this platform.
  • Ugam Kamat:
    That's really helpful. And as a follow-up, if I remember correctly earlier, you had your entire R&D organization was mostly in UK. But just to understand the cost structure of the investments you're making in technology and the FX impact that might ensue from that. How is the R&D organization now characterized in terms of the geographical locations? Are you having more number of engineers that are being hired in United States versus anywhere you are doing in terms of like offshore, like an offshore pattern?
  • Peter Bauer:
    Sure. So that is correct. The core base of our engineering team is in the UK and continues to be in the UK. Obviously with the Solebit acquisition we mentioned there about 35 people of which 33 of them are engineers. So we now have a very sophisticated and skilled R&D security shop in Israel. So you see a little bit of a change in terms of the makeup there and we'll certainly give more color about that as we go. I think that's the most significant change we've always had, core of engineers in the U.S. and will continue to build out on that as well. But I think for purposes of your modeling and when you're looking at the numbers, and you're looking at the size of the engineering team the lion's share of that's still is in UK and London.
  • Ugam Kamat:
    Got you. Thank you so much guys. That was really helpful.
  • Peter Bauer:
    Thanks you.
  • Operator:
    Thank you, and that concludes our question-and-answer session for today. I'd like to turn the conference call over to Peter Bauer for any closing remarks.
  • Peter Bauer:
    Great, thank you. Thanks everyone for joining the call. We've enjoyed sharing our results with you and we very much look to giving you another update in a few months' time.
  • Operator:
    Ladies and gentlemen, thank you for participating in today's conference. This does conclude the program. You may all disconnect. Everyone have a great day.

Other Mimecast Limited earnings call transcripts: