Hello @EnterpriseArchitect,
If there is no CA policy in place to block unmanaged devices, users can log in to Entra resources from any device, whether it is Entra registered, Entra joined, or unmanaged.
To effectively control user logins, a CA policy should be implemented to restrict access from unmanaged devices such as iOS or Android.
Does it mean it won't have any effect?
Yes, even after you delete a device from Entra using the Remove-MgDevice -DeviceId command, users will still be able to access resources from that particular device.
It is recommended to implement a CA policy to block access from unmanaged devices according to your organizational requirements. Please let me know if you need any assistance in creating such a policy with specific requirements. I am happy to help you out here.
Or else you can refer the below documentation for more insights on creating a block CA policy.
https://learn.microsoft.com/en-us/entra/identity/conditional-access/howto-conditional-access-policy-block-access
Hope this includes all the information that you were looking for.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.