I've been tasked with trying to figure out a way to ensure our user isnt disabled in a customer's instance. Because our SuiteApp is completely built inside of NetSuite, we have one or two customers who have figured out that they can disable our user and keep our service. I cant stop them from disabling a workflow or script. We tried having a managed script deployed to records that tells the customer that the license service (outside NetSuite) has been disabled as an annoyance; but, the customer just went an undeployed those scripts too. They have since resubscribed (as they needed support with the 2023.2 release) and that is how we found all of this out. I'm being told that NetSuite "cant do anything if the customer disables the user" but that's our intellectual property..... Any suggestions on protecting this scenario would be greatly appreciated.

I think the core service of your app shouldn't function without a valid license or user. I do this in my suiteapp. Since it's basically a SPA with backend scripting, all the scripts check the license (cached for 24 hours) and if the license isn't valid, the suitelet serving the SPA fails to load.

Even NetSuite's Free SuiteApprovals app checks for a license before working properly. In the absence of a license it simply rejects the documents

If you have an ongoing product you need a license and validation process setup. Alternatively you could write code to inactivate the app if the user is inactivated but that would probably be more effort and less effective. People are going to subvert your product and you need to validate identities so you only do work for paying customers