Microsoft just published how their consumer key was leaked, can someone explain the production env isolation?

MSFT says this in their article:
"Controls for Microsoft employee access to production infrastructure include background checks, dedicated accounts, secure access workstations, and multi-factor authentication using hardware token devices. Controls in this environment also prevent the use of email, conferencing, web research and other collaboration tools which can lead to common account compromise vectors such as malware infections or phishing, as well as restricting access to systems and data using Just in Time and Just Enough Access policies."

Does anyone …

access accounts article authentication background checks consumer controls cybersecurity devices email employee env environment factor hardware infrastructure isolation key leaked microsoft msft multi-factor multi-factor authentication research secure access token web workstations