Solution #4: Encryption
Considered by many to be the silver bullet for any security problem, encryption does very little to mitigate the insider threat.
Transport encryption can indeed mitigate the risk of a malicious insider snooping on an internal network (e.g. a rogue network admin). Backup encryption and laptop encryption can certainly lower the risk posed by careless insiders (e.g. in the case of backup media loss or laptop theft). However, a malicious or compromised insider with legitimate access rights to the sensitive data naturally has access to the information in its unencrypted format. This access can be abused to leak the information further. Moreover, a malicious insider with legitimate access to the information can tamper with it regardless of where exactly encryption is applied.
Some forms of malicious insider threat can be mitigated if end-to-end data encryption is used (e.g. when the malicious insider is a database administrator). That is, the application code is responsible for encrypting the business data before it is sent to the database. On the downside, this scheme requires proper key management mechanisms between applications, and it does not address the threat of insiders operating through applications or of administrators who compromise the application servers. The cost of such solutions, other than the complexity of key management, is sometimes poor data retrieval performance (when the encrypted data is part of an index or of a search criterion).
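The trade-off described above, as an added example that is not from the original article: a field is encrypted in the application with AES-256-GCM before it is stored, so the database holds only ciphertext, but an equality search on the column no longer works and the application has to decrypt every row. The in-memory `table`, the key handling and all function names are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed key; in this scheme it lives with the application, never in the database.
const KEY = crypto.randomBytes(32);

// Encrypt one field under a fresh random nonce; stored form is nonce || tag || ciphertext.
function encryptField(plaintext, key = KEY) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]).toString("base64");
}

// Decrypt a stored field; throws if the key is wrong or the stored value was altered.
function decryptField(stored, key = KEY) {
  const raw = Buffer.from(stored, "base64");
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
}

// Constructed sample table: this is all the database (and its administrator) holds.
const table = ["alice@example.com", "bob@example.com", "alice@example.com"].map(
  (email, id) => ({ id, email: encryptField(email) })
);

// Equality match on stored bytes, as a WHERE clause or index lookup would do.
// Random nonces make equal plaintexts encrypt differently, so nothing matches.
function dbEqualityLookup(rows, email) {
  const probe = encryptField(email);
  return rows.filter((r) => r.email === probe).map((r) => r.id);
}

// What the application must do instead: fetch and decrypt every row (a full scan).
// Whoever acts through the application, or holds its key, sees plaintext here.
function appLookup(rows, email) {
  const ids = [];
  let decrypted = 0;
  for (const r of rows) {
    decrypted++;
    if (decryptField(r.email) === email) ids.push(r.id);
  }
  return { ids, decrypted };
}

console.log(dbEqualityLookup(table, "alice@example.com")); // []
console.log(appLookup(table, "alice@example.com")); // { ids: [ 0, 2 ], decrypted: 3 }
```

The authentication tag lets the application detect a stored value that was altered without the key, but it offers no protection against changes made through the application itself.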
So, while encryption can be useful in some cases, it is definitely not a silver bullet and it comes with the cost of complexity and performance.