1. There are permissions in System Administration that you can be set on any of the Roles to restrict the ability to delete items in the system. For example, the default permissions for a Sales Rep preclude them from deleting Customers or Invoices. You can override these, so do be careful not to give everyone all Roles in the system, eliminating this safe-guard.
2. Customers can't be deleted that have financials tied to them. Companies can't be deleted that have Customer entries tied to them. Contacts can't be deleted that have CRM Activity tied to them. These types of restrictions prevent the User from deleting entries that have other information in the system associated with them, especially data like Invoices, which the typical User can't delete.
3. There is a "Recycle Bin" feature that only the Administrators have access to, which allows the Administrator to undelete any item in the system that should not have been deleted.
4. And lastly, we do nightly backups of all information on the system and archive those for two months. Any individual entry can be recovered from these backups as required.