You could just read their whitepapers and accept them at face value. What other major SaaS providers are publishing about their technical countermeasures against insider risk?

If a company publishes loads of articles about how they have technical controls for privacy and security, through encryption and compartmentalization and code review and build provenance and so forth, and all the people who work/worked at said company are always whining about how onerous those processes are, then what gives you reason to doubt it?