There has been a lot of talk in the US and Australia about Huawei and if they should be allowed to bid for or supply hardware for project that could be classified as “national infrastructure”.

Huawei have refuted the claims of both governments that the PLA have too much control of the company and may use it as a tool to infiltrate government networks.

To prove that there hardware / software in not a threat they have offered to allow governments to inspect the code that runs on there hardware.

This article is interesting as it points out that even if you find no backdoor in the software when you find a bug and call the Huawei service team you are opening the front door and allowing them full access to your company!

This doesn’t only go for Huawei, maybe we should all be a little worried about who it is we allow in our data centers! Can you trust IBM / DELL / HP fully?

I’m not saying that any of the companies listed above are evil, all I am saying is that we should keep this in mind when selecting vendors or partners.

http://etherealmind.com/the-huawei-security-problem-isnt-the-hardware-its-engineers-fixing-the-bugs/

This. Let's assume it's acceptable at on the onset; what if something changes five years down the road. If you're seriously going to use this as an attack platform, you'd be willing to commit to the long-con.

Regarding third party vendors, Dell, HP, etc., the way I've always handled it in the past was to leave any sort of remote access disconnected/disabled until it was needed, and then have someone monitor/oversee everything the technician does. Giving a vendor free-reign 24/7 certainly seems to create an unnecessary exposure.