Re: 2FA? 2 sweet FA!
The global consultancy I have the misfortune to work for does something similar. We aren’t provided with any kit, so my only means of accessing my corporate email (Outlook as part of Office 365) is on my own iPad, which also has Microsoft Authenticator installed it. As above, hack my iPad and you have cached passwords and the 2 FA soft device. I tried to explain why it was bad once but gave up when all I got was a glazed look of confusion.