This is no way to defend against inside threats. Any real threats will use other means of communication. Meanwhile this is just treating everybody as if they can't be trusted.
Have you never worked for a bank or financial company? Never had to take a drug test for your programming job?
US Federal law and the Hundreds of billions of dollars spent on audit, insider trading, cyber security, ex filtration tools STRONGLY point to a corporate culture that is obsessed with defending against internal threats, because that’s the highest source of risk.
sure, highest source of risk. What’s the risk that, say, the FBI director is going to run a borderline op where he selectively exfiltrates information to the press. Still an insider or no?
This is the whole point of culture and society. Mass surveillance didn’t/doesn’t work for the NSA/CIA and it sure isn’t going to work for corporate paymasters either.
How should companies defend themselves from insider threats?