There is always something that can be done. Like if phone is not actually powered on for x time set by the user it automatically factory resets all data. Or if phone is out of cell service for x time like as in a faraday bag in evidence then it resets itself. Or make it so that after a reboot it can only be opened if on a certain wifi hotspot or geolocation. Ultimately I am not a security expert or know if any of those ideas would actually work but it seems like you could add a few steps making it harder. Maybe it can be locked out and you can set a specific apple store which would require your ID before they can send a release code allowing it to be unlocked. All of that is probably way to complicated to be worth it for a typical user but I do think there can be a way if it was truly critical.