More than four out of five businesses fail basic security tests according to Sophos. Research carried out by the security vendor found that 81 percent of corporate endpoints failed basic tests.

For 40 days, Sophos ran its Endpoint Assessment Test, a free online scanning service that checks for endpoint security vulnerabilitieson 583 corporate endpoints from around the world.

Test results showed that 63 percent were missing at least one Microsoft security patch; more than half (51 percent) of endpoints tested had their client firewalls disabled, and 15 percent had out-of-date or disabled endpoint security software.

"Ultimately, machines that fail such a test represent 'low hanging fruit' for cybercriminals and a real danger to their corporate networks," Bill Emerick, vice president of product management for Network Access Control, said.

North America represented 39 percent of the sample base, while the UK made up 36 percent, and Australia and Germany were 11 percent and nine percent respectively (five percent were from other countries).

Sophos says thirty-nine percent of those tested were part of an organization with fewer than 100 employees; 36 percent had between 100 and 1,000 employees; and 25 percent were from organisations with more than 1,000 employees.