This, says the report, improves customer service and increases the efficiency of the IT function. As a result, says the study, providers conclude that they cannot provide complete assurance that their products or services are sufficiently secure.
The study – titled 'Security of Cloud Computing Providers' – found that the majority of cloud providers allocate just 10% or less of their IT resources to security.
Unsurprisingly, say Computer Associates, the results also showed that less than half of the respondents agreed or strongly agreed that security is a priority.
The study also found that cloud providers are more focused on delivering benefits, such as reduced costs and speed of deployment, rather than security.
Mike Denning, Computer Associates' general manager for security, said that the focus on reduced cost and faster deployment may be sufficient for cloud providers for now, but as organisations reach the point where increasingly sensitive data and applications are all that remains to migrate to the cloud, they will quickly reach an impasse situation.
"If the risk of breach outweighs potential cost savings and agility, we may reach a point of 'cloud stall' where cloud adoption slows or stops until organisations believe cloud security is as good as or better than enterprise security", he explained.
Delving into the report reveals that, after taking in responses from 127 cloud service providers on both sides of the Atlantic, researchers found that 55% of respondents were offering software-as-a-service, with 34% offering infrastructure-as-a-service, and just 11% offered platform-as-a-service.
According to the study, given the well-publicised concerns about the potential risks to organisations' sensitive and confidential information in the cloud, "we believe it is only a matter of time when users of cloud computing solutions will demand enhanced security features."
"However, until this happens users of cloud computing should be aware of their responsibility to assess the risks before migrating to the cloud," notes the report.
Against this backdrop, the report concludes that it is important that end-users – who are making many of the decisions to work in the cloud – should be educated about the need to thoroughly vet applications for their ability to safeguard information in the cloud.
"Finally, cloud users and providers should consider the importance of working together to create a secure and less turbulent computing environment."