The encryption debate is heating up more than ever, with certain governments looking to obtain backdoors into encrypted devices like the iPhone to use them in the fight against terror. But new research shows that not all smartphone users are interested in protecting their sensitive data, especially those using Android.

A study that sought to examine Android device security among employees who access company data with personal devices found that one in three Android devices don’t have lock screen passcodes, which represents the first line of defense against prying eyes.

DON’T MISS: Simple free app alerts you when a program (or hacker) takes control of your webcam

According to Duo Analytics, significantly less iPhone users leave their devices unprotected by not configuring a lock screen password – just one in 20 Apple devices don’t have a passcode enabled.

Using a lock screen PIN or password is a key element for encrypting your data. You really can’t take advantage of an encrypted operating system without protecting the device with some password, pattern, PIN or biometric security.

Duo further found that one in 20 Android devices (or 5%) are rooted, compared to just one in 250 iPhones that are jailbroken. The company also said that one in 10 Android devices have enabled pre-boot passcode device encryption.

Other findings cover the fragmented state of the Android ecosystem. According to the company, as many as 20% of devices run Android 5.1.1, which was Google’s 2014 Android release. Even more worrisome is the fact that 32% of active devices are on Android 4.0 or lower, making them susceptible to the Stagefright vulnerability uncovered last year.

Duo’s full Android security report is available at the source link, with an infographic based on the company’s findings embedded below.