Private key management for a custodial account

In my DApp most accounts are non-custodial and all transactions require the owner’s signature, except one or two accounts that are needed to configure or delete the contract, because this is not guaranteed by the owner (he may or may not accept signing this Application Call). So to guarantee this logic I thought of using my own account for most of the contracts and setting the appropriate logic in the contract itself: Assert(Txn.sender() == App.globalGet(my_own_account_address))
The issue is the private key, which will be risky to store anywhere in the DApp, so I have a couple of questions:
1- Is it good practice to use a private account to configure, delete or do something that MUST be done? (Because I can’t rely on the user’s decision for that.)
If not, what are the alternatives, please?
2- How can I securely store the private key for that account to sign Application Call transactions?
Thank you

I recommend that my_own_account_address be a multisig of multiple Ledger accounts.

We have something similar… anyone can deploy their own AMM pool, but we can configure our service fee…

Hi @scholtz,
What do you mean, please? If possible, please explain with some details; I am not very expert with Algorand.
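
The multisig recommendation above, sketched as an added example (not part of the thread and not any poster's code): it derives the address of a multisig account from its signers' addresses using the standard Algorand layout, which is the value the contract would hold as my_own_account_address. The 2-of-3 policy and the three signer keys are assumptions, constructed placeholders standing in for Ledger accounts.

```python
import base64
import hashlib

MSIG_PREFIX = b"MultisigAddr"  # domain-separation prefix for multisig addresses

def _sha512_256(data):
    return hashlib.new("sha512_256", data).digest()

def encode_address(key32):
    """32-byte public key or hash -> 58-character Algorand address."""
    if len(key32) != 32:
        raise ValueError("expected 32 bytes")
    return base64.b32encode(key32 + _sha512_256(key32)[-4:]).decode().rstrip("=")

def decode_address(addr):
    """Address -> 32 bytes, rejecting a wrong length or checksum."""
    raw = base64.b32decode(addr + "=" * (-len(addr) % 8))
    if len(raw) != 36 or _sha512_256(raw[:32])[-4:] != raw[32:]:
        raise ValueError("invalid address: " + addr)
    return raw[:32]

def multisig_address(threshold, signer_addrs, version=1):
    """Address controlled by any `threshold` of `signer_addrs`."""
    if not 1 <= threshold <= len(signer_addrs):
        raise ValueError("threshold must be between 1 and the number of signers")
    keys = b"".join(decode_address(a) for a in signer_addrs)
    preimage = MSIG_PREFIX + bytes([version, threshold]) + keys
    return encode_address(_sha512_256(preimage))

# Constructed placeholder keys standing in for three Ledger accounts.
SIGNERS = [encode_address(bytes([i]) * 32) for i in (1, 2, 3)]
ADMIN = multisig_address(2, SIGNERS)  # value to store as my_own_account_address

if __name__ == "__main__":
    print("2-of-3 admin address:", ADMIN)
    # The address commits to version, threshold and signer order, so all three
    # must be recorded: without them the signers cannot rebuild the multisig.
    print("reordered signers  :", multisig_address(2, SIGNERS[::-1]))
    print("3-of-3 threshold   :", multisig_address(3, SIGNERS))
```

With this arrangement no single private key has to be stored in the DApp: each configure or delete call is signed by the required number of hardware-held keys, and the contract's sender check stays unchanged.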