Epic has developed a set of online services for developers to use in their video games (which we’ve named “Epic Online Services”). Epic’s intent is to provide these services to you for use in your video games in the same manner and at the same level of quality as Epic expects for its own games.
As game developers ourselves, we know that security and trust is paramount. We are committed to protecting information systems, intellectual property, personal and customer data from misuse or compromise.
We work to achieve this through the implementation of a comprehensive Security and Risk program that includes administrative and technical safeguards to prevent the loss, unauthorized use, access or disclosure of Epic Online Services and customer data.
The Security program defines a risk-based strategy, combined with a strong control framework, to deliver a common sense, defense-in-depth based plan that is built for security and resilience.
Epic uses the Center for Internet Security Critical Security Controls framework in the development and review of Epic Online Services company security requirements and controls.
Epic Games has defined the policies and operating security standards for Epic Online Services that demonstrate our commitment to maintaining a secure environment. The Security standards are designed to efficiently establish foundational actions and protection against common threats and cyber-attacks.
This policy focuses on the following principles for our customers:
· Integrate Security
· Manage Security Risk
· Manage Access
· Protect Data
· Monitor Threats
Epic will inform you as soon as practicable after detecting any unauthorized destruction, disclosure, corruption, or loss of information to your intellectual property, personal or customer data or any confirmed breach of any environment containing them.
If you think you have discovered a vulnerability or any other security issue with an Epic service or product please report it to us by emailing us at firstname.lastname@example.org.