There are a couple of approaches that need to be implemented
1. Separation of information - one person should not have a complete vision of the whole situation
2. Control over the copying of information and minimizing its output while working with it
3. prohibition to perform third-party tasks during working hours
4. Control customer satisfaction
5 Prohibition on the use of third-party devices during working hours
6. Introduction of a unified service for working with the client. Logging and banning the use of third-party services. With the subsequent analysis of everything and everyone
7. Restricting the possibilities of the workplace to the very minimum. In short - everything that is not allowed. That is forbidden!
This is what I can remember offhand

The first thing to do is never ask questions like this again from an account that has your photo, first and last name. Google gives you away.
In the office, you need to put a jammer on a mobile connection so that you can not use the mobile Internet. Provide employees with high-speed and free Wi-Fi, and filter all traffic for information leakage.
Up to date
It was very interesting how it all ended. If after that she was not even fired, but simply punished with a fine, then you have a management in your organization that they ride. If employees can crowd into the manager's office and squeeze him for some indulgence, then this can end very sadly for the company.

Employees harm the company on the principle of "how you treat me, so I treat you." Perhaps the company offended them in some way. Check if they are motivated to work honestly. Is there fairness in compensation? How does the firm feel about their offerings?
The basic principle of automation is feedback. Find out what worries employees and never punish for criticism, but on the contrary - encourage (for constructive, of course, not for demagogy).

NDA?

SMP is our everything. There is such a wonderful system - Stakhanovets. Allows you to control Skype, ICQ, Vaska and the bald trait. Telegram does not intercept, but writes all the keyboard input, so the text remains all the same, though a little mixed up.
Not free, a license for a user is about 2000 rubles. But honestly worth the money. Everyone is put on the SMP, a couple of times a tough reaction is given - and everyone becomes operational.
As for access rights - can people "push through" their access? Oops two. This will not end well.

If they are not provided with it, then they stupidly begin to flood the head with requests on this topic, and the boss has no choice but to open this access in order to unload

Well, this is a standard issue of risk management, if VERY briefly, then there is a compromise between security (in the sense of loss of the shareholder's finances) and openness of channels.
I prefer, say, to open everything and just control the "mood in the team" ...
If the production is secret, then you can take away the phones, in general people are undressed at the jewelry store. And if this is a typical office, then there are real losses only at the level of tops

The most efficient is a corporate cellular connection tied to your telephony server - FMC.
There was a review on the hub. Briefly - a service SIM card on the phone (mts, beeline - no matter who you sign the contract with) - and that's it, the employee has only a short number - 2203 for example. All outgoing calls go through your telephony server and only your general number is displayed on the client. The employee gives the client a general and his own extension number for communication. All calls are recorded. The employee left - the client's contact number is only yours. Even if someone stirs up their customers, outgoing calls out of greed will still be made from a working SIM card.

This, of course, is not entirely legal, but it is necessary to periodically put "wiretapping" and analyze the conversations of employees. Helps to avoid a lot of sudden troubles. I do not recommend to people with an unstable psyche - you can fire (f***) everyone, there will be no one to work

There is one product on the megamind - " Electronic Auschwitz for Sellers " :) This is generally their bread, but, I suppose, control is no further than a workstation (tablets, mobile communications are no longer controlled).