Preparing Your Cloud Solutions for CCPA: Three Steps to Follow

Preparing Your Cloud Solutions for CCPA: Three Steps to Follow

The California Consumer Privacy Act (CCPA) went into effect earlier this month, and the questions on every cloud engineer’s mind are “how will this affect our cloud solutions” and “how can we prepare?” As California remains a top sales priority for the majority of solution providers, businesses need to ensure that they’re compliant with the new law. The exact ramifications for not following the regulations outlined in CCPA are at present unclear, but in order to avoid the headache of legal problems, you must examine your cloud solutions and configure them to maintain compliance with CCPA.

Getting your cloud solutions up-to-date regarding CCPA is critical, and needs to be done as soon as possible. Unfortunately, many cloud engineers aren’t sure how they need to alter their solutions to comply with CCPA, and thus can’t deliver a definitive list of changes to be made. Below, we’ve outlined three essential steps any business needs to take

Looking for a managed service provider to help ensure you maintain compliance in the cloud? Our free 2020 MSP Buyer’s Guide contains profiles on the top cloud managed service providers for AWS, Azure, and Google Cloud, as well as questions you should ask vendors and yourself before buying. We also offer an MSP Vendor Map that outlines those vendors in a Venn diagram to make it easy for you to select potential providers.

Understand the specifics of what you need to do under the law

The core function of CCPA is to give California the citizens the right to know what personal data of theirs is being collected, and whether or not that data is being sold — and to whom. CCPA also grants California citizens the right to request that a business remove personal data from its servers. To that end, cloud solution providers need to create a system where users can access their personal information and submit a request to wipe their data. Make this system as clear as possible to avoid confusion among users; you don’t want to generate bad blood by making this process purposefully vague.

Examine your CCPA readiness

Once you understand the breadth of what your company needs to do to be CCPA compliant, the next step is examining your current CCPA readiness. If your business adjusted its cloud solutions to comply with the General Data Protection Regulation (GDPR), then thankfully, it’s already well on its way (but not quite all the way) to complying with CCPA. Cloud providers need to know outline where and how they collect user data and know where that data is stored and sent.

Protect against unauthorized access

For cloud solutions, a major part of CCPA readiness is having systems in place to detect and deny unauthorized access to user data stored in the cloud. Your cloud team must have a solid identity and access management (IAM) tool in place so that only authorized users are able to access personal data. Otherwise, the personal data your company should be protecting can end up in the wrong hands, which can net you a hefty CCPA fine.


Looking for more info on managed service providers for your cloud solutions? Our MSP Buyer’s Guide contains profiles on the top cloud managed service providers for AWS, Azure, and Google Cloud, as well as questions you should ask vendors and yourself before buying. We also offer an MSP Vendor Map that outlines those vendors in a Venn diagram to make it easy for you to select potential providers.

Check us out on Twitter for the latest in Enterprise Cloud news and developments!

Daniel Hein

Dan is a tech writer who writes about Enterprise Cloud Strategy and Network Monitoring for Solutions Review. He graduated from Fitchburg State University with a Bachelor's in Professional Writing. You can reach him at dhein@solutionsreview.com
Daniel Hein