The people write correctly.
Technically there are solutions. Either enable encryption at the SSD level, or at the OS level.
At the SSD level, some Samsung and Intel models support encryption.
But! it's all from the punks. All SSDs sold in the Russian Federation are FSB certified for encryption.
This means that it will not save from serious attention of the organs.
At the OS level = BitLocker is not bad (Windows), especially if the laptop has a built-in TPM (encryption module).
Either the MacBook has built-in encryption mechanisms at the SSD level. So far, there have not been any explicit references to hacking poppies by organs.
In this case, it is necessary to share the level of interest. If the police are interested in you, at the level of the district / city investigator, then everything is simpler.
If the interest is federal or the level of the FSB, then everything that can be bought in Russia is hacked into the MSC in the center of computer expertise of the Ministry of Internal Affairs.
The only way is to have nothing on the laptop, everything is remote. On the laptop only RDP and SSH client.

That's what encryption is for. For example, BitLocker.

The disk can be encrypted. VeraCrypt, BitLocker and others.
Ideally, to be able to enter 2 passwords. One opens a real disk, and the other opens a fake one. This can help with the thermorectal method. But on the fake section, you also need to maintain the appearance of work in it, otherwise they will figure it out

Dear, if you got hit - no one will really care what protection methods your ultrabook has - because the thermorectal method does not give errors. You yourself will tell everything.