More than four out of five businesses fail basic security tests according to Sophos. Research carried out by the security vendor found that 81 per cent of corporate endpoints failed basic tests.

For 40 days, Sophos ran its Endpoint Assessment Test, a free online scanning service that checks for endpoint security vulnerabilities on 583 corporate endpoints from around the world.

Test results showed that 63 per cent were missing at least one Microsoft security patch; more than half (51 per cent) of endpoints tested had their client firewalls disabled, and 15 per cent had out-of-date or disabled endpoint security software.

"Ultimately, machines that fail such a test represent 'low hanging fruit' for cybercriminals and a real danger to their corporate networks," Bill Emerick, vice president of product management for Network Access Control, said.

North America represented 39 per cent of the sample base, while the UK made up 36 per cent, Germany nine percent respectively (five percent were from other countries).

Sophos said 39 per cent of those tested were part of an organisation with fewer than 100 employees; 36 per cent had between 100 and 1,000 employees; and 25 per cent were from organisations with more than 1,000 employees.

Related stories:

Enterprises left vulnerable as glitch prevents Microsoft patching