OneDrive for Business (OD4B) Default Retention Policies

Responsibility for Backup and Recovery changes when you move to a SaaS solution like Office 365.  There are basically 2 types of recovery scenarios that need to be planned for. The first being a server or datacenter failure the second being the corruption or deletion of data. In Office 365 Microsoft is responsible for the first part of this equation.  Although Microsoft is constantly replicating data between data centers and storing data in completely redundant environments with backup and restoring capabilities; this is not going to help in cases of data being deleted or corrupted either maliciously or in error.  I have started some research around some of the OneDrive for Business default retention items that provide part of the solution for the second half of the equation.

1. SharePoint Online Sites including the OneDrive for Business Document Library has a non-configurable 93 day retention on 1st stage recycle bin and another 93 days on the second stage.

2. All Document libraries in SharePoint Online including the OneDrive for Business Document Library have the maximum number of major versions set to 500 by default.

With these 2 items you have a reasonable backup and recovery strategy for most cases of non malicious intent. First problem comes up around user deleting all items from the first and second stage recycle bin since the user is the Site Collection administrator of their OneDrive. Second is that a user could change the version settings to remove the 500 versions. Any way to prevent those scenarios with Office 365?