Internally, yes 2FA is enabled for relevant staff/applications. Externally, it depends on your own configuration at your STS.