Micron product security center
Prioritizing security across products and processes
Prioritizing security across products and processes
At Micron, our commitment to excellence is anchored in our steadfast dedication to comprehensive security for our solutions, driven by our relentless focus on quality.
In today’s data-centric world, security is of paramount importance. IT managers, chief information officers (CIOs), chief information security officers (CISOs) and everyday consumers face ever-increasing threats from cybercriminals attempting to access and acquire private, sensitive and valuable data. These threats call for layered data protection that secures both data in flight, data being transferred into and from storage or memory devices, and stored data, that resides within a storage or memory device.
Micron integrates robust security features into our product designs, such as implementing secure boot processes, establishing a hardware root of trust, encrypting data where applicable, and implementing standardized security features.1 Our “security by design” approach integrates security as a core product and business requirement, increasing our resilience to evolving security threats.
We take security seriously. If you have an issue or concern, report it at our product security and vulnerability reporting site.
Note that no hardware, software, or system can provide absolute security against all threats, so education on best practices to avoid things like spearfishing attacks is critical for individuals and organizations.
1 Micron assumes no liability for lost, stolen, or corrupted data.
Micron products are designed to fortify your most critical data.
Micron DRAM products meet or exceed JEDEC standards that are collaboratively developed by the industry. This consortium includes a dedicated task group on security and data integrity. In addition to designed-in security features, the inherent operation of DRAM requires constant power. Physically removing the device from the system will disturb programmed content.
Micron was first in the memory industry to certify a DRAM product to ASIL D, the highest level of ISO 26262 functional safety requirements. Our proprietary product safety features use existing JEDEC supported pins and mode registers and are developed to improve diagnostic coverage of transient and permanent faults. One such feature is our Testmode Entry Flag. This feature will alert the host to the use of modes that could represent attacks if the host did not specifically request these actions.
DRAM security related assets
Micron customers trust our products to store and help protect their most critical and sensitive data. That is why we build security into the design of our SSDs with robust encryption and authentication features, as well as data sanitization methods consistent with industry standards. We also test the security of our data center SSDs and other select products at key development milestones to ensure they are hardened against known attacks.Our Micron-branded SSD portfolio includes robust security features and is designed to meet our customers’ needs, which often go beyond those specified by industry groups for trusted computing platforms.1 We use numerous methods to enhance the security of data across various SSDs in our portfolio.
1 For the current portfolio of Micron SSDs. Standards referenced are those mentioned in the SSD section of this page, such as TCG, SPDM and eDrive.
2 The DMTF website offers additional information on SPDM.
3 Trusted Computing Group security standards (“TCG standard”) include TCG storage security subsystem classes Opal, Pyrite, and Enterprise.
4 This page on Microsoft's website offers additional details on BitLocker.
Micron NAND devices are used in a wide variety of systems where cost-effective nonvolatile memory is needed. Micron NAND devices are designed to meet and exceed the ONFI and JEDEC standards for NAND that are collaboratively developed by those open-membership industry-leading consortiums.
Micron NAND devices enable commonly used best practices for data integrity, error recovery and access control, allowing host data to reside in a robust device that will meet the performance and reliability needs of the wide variety of systems that use NAND. These are some of the more notable security features available in select NAND products:
NAND related assets
Micron offers a full range of secure managed NAND products to meet the storage needs of a broad array of solutions. Our fully managed devices — including uSD, eMMC, and UFS — handle media management and error correction code (ECC) internally to help make technology transitions more seamless.
Managed NAND products released after April 2019 support an authenticated firmware update mechanism as described in NIST 800-193 Platform Firmware Resiliency Guidelines.
Managed NAND and component-specific security features
Managed NAND products released after April 2019 support the following features:
Note that not all security features are implemented on all managed NAND product families or all product SKUs within a family.
NOR devices are typically used in system boot environments where high reliability, low latency and granular data access are desired. While few security industry standards exist for core NOR functionality, Micron NOR devices enable commonly used best practices for data integrity and access control, allowing user content to reside in a robust device that will perform the system-critical boot process in a reliable manner.
NOR security-related asset
At Micron, we realize that addressing the challenges of today’s digital landscape requires steadfast commitment to protecting the trust relationship we have with our customersView more >
If you have information about a security issue or vulnerability related to Micron asset, send an email to firstname.lastname@example.org.
Please provide as much information as possible about the vulnerability, including any product name and version that is affected.
Micron Technology strives to ensure the best possible security for all of the company's assets, including products, processes, tools, intellectual property, privileged or confidential information. We are committed to addressing issues as they arise.
Micron is steadfastly committed to assessing and remediating a discovered or reported security vulnerability to minimize the impact on our customers and product users. To illustrate our commitment to the security of our products, we include some relevant practices in our vulnerability process at Micron in the graphic below.
If you have an issue or concern, report it at our product security and vulnerability reporting site. Contact your Micron account representative for additional details on these practices.