The concept of improving the security of IT systems supporting the storage of knowledge in organizations

This article presents the concept of improving the security of information systems intended for storing knowledge in organizations. It is designed to protect knowledge from leakage, theft or destruction, but without denying access to its resources to employees. It is possible thanks to the introduction of the so-called security and sharing groups (S&S groups) that have two attributes at the same time - the level of knowledge security and the level of knowledge sharing. The proposed concept also assumes assigning knowledge categories to data and enabling the organization to manage the allocation of operations on data from individual knowledge categories to S&S groups. As a result, the system enables the protection of the most valuable knowledge resources, without restricting access to its other categories. The developed concept makes it easier to find a compromise between the strength of security and the free flow of knowledge at the time of system implementation. In addition, the dynamic ability to choose the level of security and the level of access to knowledge in the system allows adaptation to changes taking place in the environment of the organization and increases its resilience.