All my coins are on online wallets, not on exchanges. I don't connect with any public wifi. I have 2 phones with internet and one internet dongle, so that I am never out of internet for any reason like network problem. I keep my private keys and 2fa backed up and encrypted and I think its enough.
Even if you trust your online wallets, do you trust their third party services? Even blockchain.info had their DNS redirected at one point to a malicious party.