Hi Michael,
This is pretty much common across many organisations and this kind of setup allows org to configure hybrid and Entra joined devices to control and manage remote devices as per the policies and it also depends on the scenarios you have. Certainly you can have some devices Hybrid joined and some direct joined to Azure - Please check this article and you will get the exact information you are looking for - https://learn.microsoft.com/en-us/entra/identity/devices/plan-device-deployment
Hope this helps.
JS
==
Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.