Eight out of 10 PCs are lacking at least one type of basic security, according to new data from Sophos.
The computers do not have the latest Microsoft security patches, or have disabled client firewalls or are missing endpoint security software updates.
The IT security firm collated information from those using its free online scanning tool which scans PCs for security vulnerabilities.
Sophos said that 81 per cent of corporate endpoints tested failed one or more of these basic tests.
More than six out of 10 were missing at least one Microsoft security patch, half had their client firewalls disabled and 15 per cent were running out-of-date security software or had disabled their protection altogether.
"Administrators reading these stats might think they are sitting pretty and have nothing to worry about," said John Shaw, director of endpoint security and control at Sophos.
"But I would challenge them to run this free tool and doublecheck the security levels within their network. The findings have been staggering."
Shaw added that the lack of basic security is not limited to company size. " This problem is not only affecting smaller companies," he said.
"One quarter of testers represented enterprises with more than 1,000 users, while 36 per cent were mid-sized companies ranging between 100 and 1,000 users. "
Shaw urged IT managers to investigate their endpoint security now, rather than having to perform a "post mortem to find the holes" after a problem arises.
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon