Another idea would be a new security permission level: Read & Append
Users could read files, and add uniquely named files, but not overwrite or delete existing files.
This would be good for our media shares that are mostly cold storage, as well as being a good fight against malware.
One would stay logged in at this level for day to day activity, then switch to a higher level login for cleaning and file maintenance.