Only 20 per cent of firms enable Wired Equivalent Privacy (WEP) to secure their wireless networks, according to research from the Department of Trade and Industry.
The survey found that more than half of firms that use wireless networks have no additional security controls.
"Businesses seem to be dragging their feet when it comes to introducing security controls over remote access to their systems," said Andrew Beard, the PricewaterhouseCoopers advisory director leading the survey.
A quarter of UK businesses said they relied on password controls to secure their networks. Almost two thirds (58 per cent) of organisations that use PDAs had no security controls. Those controls in place were usually on usage policies rather than technological protection.
"Many of those who want remote access appear to be the least aware of the risks it entails and are senior people with the power to authorise it," said Beard. "The majority of companies do not analyse their security incidents in a way that enables them to identify, which are caused by remote access. Awareness of the available security techniques is poor, leading to inappropriate security controls being deployed."
The survey found that large businesses tended to deploy better controls; twice as many deployed a Virtual Private Network (VPN), while three times as many used two-factor authentication or digital certificates.
One thousand firms were surveyed.
More than half of UK businesses said they provided staff with access to information systems over dial-up or internet. Among large companies the figure grew to 86 per cent, up from 71% two years ago.