Under Federal law (47 U.S.C. 230(c)), an "interactive computer system" provider cannot be held liable for defamation
by republication. So, there may actually be a technological, rather than legal answer to your question -- because by moving the discussion board to an internet website, and then providing employees with secure access, you would avoid liability by virtue of the safe harbor provided by the aforementioned federal statute.
There is, of course, a risk that an employee may provide access to a third party, or that your site may be hacked. But, that can happen with an internal site, especially if you have a disgruntled employee.
The direct answer to your question is that, absent my "techie" suggestion, you cannot avoid liability for defamation as a republisher. In some jurisdictions, you could require that employee users indemnify and hold you harmless from liability caused by the employee's wrongful acts. You could also require that users expressly waive their rights to sue the employer, in consideration for using the website.
However, in some jurisdictions (e.g., California), an employer is required to indemnify each employee for any act done through lack of due care (Labor Code 2800). So, if you have employees located in California, then your attempt to waive liability may be void as against public policy
The point here is that things are not quite as simple as it may seem. Probably the best way to avoid problems is that in addition to indemnification and waiver language, you would also notify the employees that any false statements made about anyone else will be grounds for immediate termination of employment
. But, unless you have someone actually moderating the discussion and reviewing user comments, you are likely to always risk the possibility of legal action -- unless, of course, you do what I originally mentioned concerning the location of your website.
One more note: 47 U.S.C. 230(f)(2) defines "interactive computer service," as " any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server." The plain language of the law would appear to include internal computer systems that are not attached to the internet. Which means that you could keep the server behind your firewall.
However, this definition has never been tested in court, using your intended use -- and I could see how a clever litigator could reasonably claim that the intent of Congress was not to protect operators of internal websites that are not available to internet users. So, here, you are in muddy waters.
Please let me know if my answer is helpful to you. The website has been experiencing system failures lately -- consequently many customers are not receiving my answers.