DESIGN TOOLS
Company

Customer trust center

Valuing customers, earning trust and building strong relationships

Our commitment starts here

At Micron, we realize that addressing the challenges of today’s digital landscape requires steadfast commitment to protecting the trust relationship we have with our customers. We embrace the unpredictability and constant threat to cybersecurity by leveraging the industry standard NIST (National Institute of Standards and Technology) Cybersecurity Framework; ensuring our workforce is trained and ready for any kind of disruption.

We provide transparency about our privacy practices and ensure our customers understand the choices they have regarding their privacy rights and Personal Information.

Information security at Micron

Micron Technology strives to ensure the best possible security for all of the company's assets, including products, processes, tools, intellectual property, privileged or confidential information. We are committed to addressing issues as they arise.

close-up shot of fingers typing on a laptop keyboard

Micron security resources

Frequently asked questions

Yes. Micron leverages the NIST Cybersecurity Framework. For more information, please visit the NIST web site at: https://www.nist.gov/

Yes. Micron has information security policies that are communicated to employees upon hire, and refresher training is required every 2 years thereafter.

Yes. Micron performs targeted annual third-party penetration testing.

Yes. Micron has built its standards based on industry best practices to govern the identity of our team members and their access rights.

Yes. Micron is aligned to industry best practices regarding least privilege access for our team members.

Yes. Micron leverages a privileged account management (PAM) system to manage Micron's privileged accounts.

Yes. Micron has a separation process that involves several groups to ensure full and complete removal of access of departing individuals.

Yes. Micron encrypts data at rest and in-transit.

Yes. Micron has a formal incident response plan that follows industry best practices.

Yes. Micron has a risk management program that performs ongoing risk identification (internal risks, and those identified in our supply chain and third-party suppliers) and tracks mitigation efforts and their effectiveness.

Yes. All employees and contractors are required to sign an NDA.

Yes. Micron has a formal change management program based on the ITIL framework.

Yes. Micron has a robust SDLC (Software Development Lifecycle) based on industry best practices and guidelines.

Yes. Micron has a formal vulnerability management program that continually identifies and patches any known vulnerabilities in our environment.

Yes. Micron has developed several reference architecture guidelines to ensure our environment is configured to least privileged access.

  • Does Micron physically secure their facilities?
    Yes, Micron locations have any combination of the following physical security treatments in place:
    - Access car readers
    - Security cameras
    - Border fencing
    - Metal detectors
    - X-ray machines
    - Restricted on-site camera usage
    - Other security measures performed by Security personnel, which include entrance screenings, patrolling, restricted area audits, passive and active monitoring via security cameras
  • Does Micron ensure that product has not been tampered with from a security perspective?
    Yes. To ensure product is not compromised, Micron uses a combination of physical site security measures and programs at the manufacturing site, the Finished Goods warehouse, with all qualified logistics providers, and depending on product type, there is also tamper-evident features included on the shipping packaging.
  • Do you test your plans on a regular cadence?
    Yes. Micron tests the plans each year.
  • Do you use authentic scenarios?
    Yes.  Micron tests with different scenarios (like earthquakes, cyber, labor, fires, typhoons, etc.) to make sure the plans are effective.
  • Does Micron use standard BC/CM/DR test?Yes. Micron uses a combination of tabletop, structured, and failover testing methods.
    Yes. Micron uses a combination of tabletop, structured, and failover testing methods.
     
  • Does Micron promote risk-based thinking within its team?
    Yes. Our Quality Management System (QMS) processes are at the core of what we do at Micron to ensure end-to-end customer satisfaction and product quality. Promoting the use of Risk-Based Thinking throughout our QMS framework creates a global awareness of risk at any level of the organization, from a specific location to the entire corporation.
  • Does Micron perform process risk management?
    Yes. Process risk management at Micron focuses on the identification of risk within the context of the organization, and the mitigation of what could potentially affect the intended outputs of our QMS processes.
  • Does Micron consider customer expectations when identifying process risk?
    Yes. We look at the needs and expectations of our interested parties, and then determine factors that could impact our ability to meet the intended process outputs or our customers’ requirements. Identified risks are scored using industry best practices to determine the severity of the risks relative to process or company objectives. Mitigation plans are developed and implemented when necessary.
  • Is there a specific role or team at Micron who is accountable for process risk management?
    Yes. QMS process owners are accountable for ensuring the process risk management activities are performed.

Related links