I'm always interested in the convergence of social issues,especially those relating to new technology and liability exposure.So a story that made the news today really hit all my hotbuttons.

Cisco just came out with a report that finds 7 out of10 young employees (another hot button!)frequently ignore IT policies regarding websecurity. Two-thirds said they believetheir company's policies need to be modified, andabout 61 percent said corporate IT security “isn't theirresponsibility,” placing the onus was on the employeror device manufacturers.

Seventy percent is a big number. And when you drill downfurther, the results get even scarier from a risk managementperspective. Of the majority who ignore IT policies:

• About one-third said they did it because they didn'tbelieve they were doing anything wrong
• About 22 percent did it because they needed to accessunauthorized programs and apps to do their jobs
• About 18 percent said they do not have time to thinkabout policies when they're working
• About 19 percent said they did it simply because the policiesaren't enforced
• About 16 percent said following policy isinconvenient
• About 15 percent said they forgot to followpolicy
• About 14 percent said they did it because theirsupervisors aren't watching them.

So what exactly are these Millennials doing online that isverboten by IT? (Hint: It isn't porn sites.) Of the mostcommonly restricted devices and apps:

• 37 percent cited online gaming
• 15 percent said Apple Inc.'s iPod
• 10 percent said iPads and tablets
• 31 percent said social networking sites like Facebook, Twitterand YouTube.

The study involved 1,400 college students aged 18 to 23, and1,400 young professionals under age 30 –precisely the tech-savvy,socially engaged demographic that insurance industry recruitersfind so desirable.

Insurance is a notoriously risk-averse industry that isalso sorely in need of an infusion of young talent. And thisis the nexus that could generate problems one way or another,either in recruiting young people, maintaining system security, orboth. And to be fair, the issue transcends our industry.

In defense of “the youngsters,” as Ed Sullivan used to say, thenumbers indicate that companies should rethink some of the morerestrictive IT policies. Even the most Luddite and/or paranoid ofinsurance professionals now recognize the need to use the Web,social media and all the wonderful technology at our disposal — notjust to reach increasingly tech-demanding customers, but tointeract with peers, work remotely on projects and accounts andstay connected with carriers.

You could argue that Facebook, Twitter and YouTube are afrivolous waste of time; but a quick look at any of these siteswill uncover just as much business-related information assinging cats.

And as far as restricting the use of iPads andtablets–huh? At the last industry meeting I attended, morethan half the participants were assiduously taking notes on theirdevices as I scribbled with pen and notepad. I might as well havebeen using a stone tablet, hammer and awl.

On the other side of the coin, security issues arising from webusage, no matter how innocuous, is a very real risk. According to arecent report by PwC, 45 percent of U.S. respondents from 158companies, including insurers, reported their organization hadsuffered fraud in the last year, up 10 percent from 2009. Of thoserespondents, 40 percent were affected by cyber crime. Of course,this doesn't include the risk management threats and potentiallawsuits that can arise from the misuse of technology — justask Anthony Weiner.

So how does a business balance the need for security against theneed for young talent? How are you handling the issue in your ownagency? I'd love to hear from you.