Detection of bulk operations associated with remotely stored content by client device

What is claimed is: 1. A method to detect bulk operations associated with content stored at a storage service, the method comprising: monitoring a usage pattern associated with the content that is stored locally to provide to the storage service; receiving, from the storage service, a model based on the usage pattern, the model defining a change threshold based on one or more of a type of altered content, an amount of altered content, and an amount of altered content within a particular period; detecting an attempted operation performed on the content; comparing the attempted operation to the model to determine whether the operation deviates from the usage pattern; and in response to a determination that the attempted operation exceeds the change threshold, preventing execution of the attempted operation and synchronization of the content with the storage service until the attempted operation is approved. 2. The method of claim 1 further comprising: in response to a determination that the attempted operation does not exceed the change threshold, enabling execution of the attempted operation and synchronization of the content with the storage service. 3. The method of claim 1 , further comprising: in response to the determination that the attempted operation exceeds the change threshold, presenting a notification of the attempted operation through a display. 4. The method of claim 1 , further comprising: enabling a previous version of the content preserved at the storage service to be restored. 5. The method of claim 4 , further comprising: presenting a restoration option through a display, wherein a user is enabled to select the restoration option to restore the previous version of the content preserved at the storage service. 6. The method of claim 1 , further comprising: determining the usage pattern associated with the content based on previous operations performed on the content by a user, a size of the user's account, and a frequency at which the user performed operations on the content. 7. A client device configured to detect bulk operations associated with content stored at a storage service, the client device comprising: a communication interface configured to facilitate communication between the storage service and the client device; a memory configured to store instructions; and one or more processors coupled to the memory, wherein the one or more processors, in conjunction with the instructions stored in the memory, are configured to: monitor a usage pattern associated with the content that is stored locally on the client device to provide to the storage service; receive, from the storage service, a model based on the usage pattern that defines a change threshold based on one or more of a type of altered content, an amount of altered content, and an amount of altered content within a particular period; detect an attempted operation performed on the content through the client device; and in response to a determination that the type of altered content, the amount of altered content, and/or the amount of altered content within the particular period during the attempted operation exceeds the change threshold, prevent execution of the attempted operation and synchronization of the content with the storage service until the attempted operation is approved. 8. The client device of claim 7 , wherein the attempted operation is one of a creation, a deletion, an encryption, and an update performed on the content. 9. The client device of claim 7 , wherein the change threshold is one of a static, learned, or calculated value based on previous operations performed on the content by a user, a size of the user's account, and frequency at which the user performed operations on the content. 10. The client device of claim 7 , wherein the notification requests for a user to one of approve or reject the attempted operation, and the one or more processors are configured to: enable execution of the attempted operation and the synchronization process if the user approves the attempted operation; and fail the attempted operation if the user rejects the attempted operation. 11. The client device of claim 10 , wherein the one or more processors are configured to: present a selectable restoration option through a display of the client device, wherein the restoration option enables a previous version of the content preserved at the storage service to be restored to the client device. 12. A method to detect bulk operations associated with content stored at a storage service, the method comprising: monitoring a usage pattern associated with the content that is stored locally; defining a change threshold based on one or more of a type of altered content, an amount of altered content, and an amount of altered content within a particular period; detecting an attempted operation performed on the content; and in response to a determination that the type of altered content, the amount of altered content, and/or the amount of altered content within the particular period during the attempted operation exceeds the change threshold, preventing execution of the attempted operation and synchronization of the content with the storage service until the operation is approved. 13. The method of claim 12 , further comprising: presenting a notification of the attempted operation through a display. 14. The method of claim 13 , further comprising: enabling the user to approve or reject the attempted operation through the notification. 15. The method of claim 14 , further comprising: prompting the user to provide authentication through the notification in order to approve the attempted operation. 16. The method of claim 12 , further comprising: in response to an execution of the attempted operation, presenting a restoration option through a display. 17. The method of claim 16 , further comprising: enabling a user to select the restoration option to restore a previous version of the content preserved at the storage service. 18. The method of claim 12 , further comprising: enabling synchronization of the content with the storage service if the attempted operation is executed such that the content as altered by the operation is synchronized.