One annoyance about all this is that we’re a 24/7 support operation so I can get calls at all times of the night for service issues - having VPN access meant that, even if I were on vacation, I could access the systems with either my smartphone or a small laptop to triage or affect repair. (We had both VPNs and 2FA authentication with yubikeys for this)
But now that’s completely impossible as I MUST have the work laptop with me to access any part of the corporate network - either at home or on vacation.
When I worked for government, I had an issued laptop that I could use anywhere (2 factor authentication) with full access and there was a separate login we could use from home that worked for emails, and a few other things, but couldn’t access the databases - a pain to use and you couldn’t do much work, so I only used it a few times. When I traveled for work I carried a personal laptop as well (later a tablet).
Current job has been BYOD, but appear to be headed toward your setup. No travel, however.