Regarding 1, I don't think you need Enterprise to have HA, I'm pretty sure it comes with Vault OSS. You may be thinking about Vault Disaster Recovery which makes one cluster fail to another one, but HA is in OSS.
I was thinking of on-call support being a key part of the overall concept of HA, but, yes, good point: much of this risk can be mitigated, even with OSS.
