Eight out of 10 PCs are lacking at least one type of basic security, according to new data from Sophos.
The computers do not have the latest Microsoft security patches, or have disabled client firewalls or are missing endpoint security software updates.
The IT security firm collated information from those using its free online scanning tool which scans PCs for security vulnerabilities.
Sophos said that 81 per cent of corporate endpoints tested failed one or more of these basic tests.
More than six out of 10 were missing at least one Microsoft security patch, half had their client firewalls disabled and 15 per cent were running out-of-date security software or had disabled their protection altogether.
"Administrators reading these stats might think they are sitting pretty and have nothing to worry about," said John Shaw, director of endpoint security and control at Sophos.
"But I would challenge them to run this free tool and doublecheck the security levels within their network. The findings have been staggering."
Shaw added that the lack of basic security is not limited to company size. " This problem is not only affecting smaller companies," he said.
"One quarter of testers represented enterprises with more than 1,000 users, while 36 per cent were mid-sized companies ranging between 100 and 1,000 users. "
Shaw urged IT managers to investigate their endpoint security now, rather than having to perform a "post mortem to find the holes" after a problem arises.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago