Obtaining Knowledge for Innovation: Benefits and Harms of Procedures for Managing Information Security

The research reported in this article aims to describe how the processes of information security used in a manufacturing and packaging paper company influenced the attainment of knowledge on two innovations. The study was conducted through field research, using interviews, narratives, direct observation and thematic analysis for data collection and data processing. The research started from the assumption that even considering the importance of managing information security and its benefits to an organization, the processes of logical security, and physical access controls, would undermine the process of obtaining and transference of knowledge required by innovations. It was observed the presence of five instruments of physical and logical security: "confidentiality", "general control of protection", "antivirus", "backups" and "facility security procedures" which did not interfere negatively in obtaining knowledge. The single barrier identified for the transfer of knowledge was the lack of absorptive capacity of knowledge workers. Therefore, the case describes a situation where a clearly and consistent information security policy allowed the obtaining and transferring of knowledge necessary for innovation. In other words, the assumption of the research was rejected by the findings.