I'd study how people have defended what you're defending now in the past. If you're securing a physical facility, see if there's a well-regarded physical security standard you can comply with. If you're in a corporate environment, set up SSO and 2FA.
#Beyondcorp ssh how to
If humans already know how to secure something well, why try to derive the answer ourselves?