Employees familiar with the inner workings of an organization have the knowledge and positioning to do harm to the company if they are so inclined. The only way to combat the insider threat is to adopt a defense-in-depth security strategy that does more than simply monitor access attempts from outside the electronic enterprise. It must also monitor the flow of information from within. A defense-in-depth strategy has at its core an organization's most precious assets: its information and its knowledge. A top priority for any organization is the preservation of its intellectual property. Vericept Corporation offers total content control throughout an organization from the desktop to the network perimeter. By monitoring all Internet-based traffic and stored data, Vericept identifies, captures, and prevents confidential information loss throughout the network. In so doing, it protects highly sensitive materials and classified information from leaving the network. It complies with procedures for handling protected citizen, patient, and employee information and prevents hacking and malicious activity by employees and contractors. Inappropriate online behavior is also deterred. One Federal agency, a long-standing customer of Vericept, reports that under Vericept there has been a 40-percent decrease in network abuse. The agency focuses on managing behavior in order to ensure proper attention to confidential internal information. The administrators continually enhance internal processes, and the results have been dramatic.