To be honest... Multi-Signature vaults are the only way to truly mitigate single points of failure.
Having a 2 of 3 multi-sig setup with 3 different air-gapped hardware wallets from 3 different vendors in your multi-sig quorum is the way to go.
Make sure you generate your private key using your own entropy from real physical world randomness. For example, rolling dice, flipping coins, shuffling a deck of cards, and the list goes on....
Never trust your devices RNG, it's hard to prove if they are truly random.
I dont like multi-sig - Just makes it to where others can collude and steal my funds - no thanks. I have my main wallet backed up to an encrypted drive and in other ways. If something happens to me, my wife will be made aware and be able to recover, if something happens to both of us, our children will be made aware. But there is no way in hell I am giving anyone the keys (partial keys) to be able to take my funds while I am alive.
as for the RNG - I agree - do not trust any device for that.