Not a single week goes by without a serious data breach. IT security has become a standing topic at board meetings and companies are investing billions in new security systems for prevention, detection, access management and restrictive policies for end users. While the financial impacts are well understood, the business consequences of limiting Generation Y's digital flexibility are underestimated.

Much has been written about the new generation of information workers, and we are all familiar with their inclination toward technology, mobility and flexible work schedules. However, the current technical tool set of most corporations is not keeping up. For Generation Y, on-premise storage, corporate data centres or VPN connections no longer cut the mustard. I have heard from HR managers who interview very promising creative talents for non-technical roles who ask for specific Apple laptop models, the latest iPhone and want to know about the email system used and how they can access company data from outside the office. Only after receiving satisfactory answers will they agree to sign the contract.

Companies who view this development as a threat will not attract new talent and will eventually lose top talent. Those who express a clear commitment to this new generation of employees, their ideas, values and objectives will acquire and retain the most engaged, loyal and creative staffers.

Of course, this comes with the challenge of securing a company's digital assets. While sociologists reveal that Generation Y is less likely than earlier generations to follow rules and regulations, there's evidence that they have a strong desire for good reputations, to show knowledge, experience and intellect.

Creative companies might just present the opportunity to Generation Y as a business competency that will contribute to their professional success. Management, HR and IT teams need to collaborate to provide the right training, executive sponsorship and day-to-day support. IT support personnel at all levels should be trained on business processes, contractual & legal restrictions, and security standards of various SaaS tools available. Does Basecamp offer servers in the European Union for storing personally identifiable information (PII)? Does Box.com offer on-premise storage options? It will be much more likely that a SaaS-savvy end user will accept advice from first-level IT support if that person understands the value of a suggested tool, and can explain how an alternate (and vetted) tool offers the same benefits at a higher security level. Telling an end user that support cannot be given for non-standard tools is not a message that will improve the relationship. Yet, it is still the one that is given by most enterprise service desks.