Securing the U-Boot/Linux installation against tampering

I’m working quite some time with Radxa Zero now and it came to my attention that there is no real mechanism to secure the installation on the eMMC.

I wrote to the dev team and they responded to use a rockchip since the Radxa Zero has no secure boot options.

Which measures else could be taken to ensure that the data on the eMMC is not accessible?

Thanks everyone!