Short of locking every user out of the network, there aren't any definitive ways to prevent insider threats. Observation is key as the majority of fraud-related issues are discovered through anonymous tips or by accident. Our objective then is to increase the rate by which we "happen" to identify when issues are occurring. Changes surrounding an individual can be the first sign of bad activity.
