Removing Management Backdoors

Backdoor functionality should be avoided as much as possible. Various discoveries show that those backdoors can and will be discovered and used for malicious purpose.

Examples:

https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor

https://support.lenovo.com/il/en/solutions/len-8324

Functionality used to connect back to vendor/manufacturer services (often referred to as phone home) should be evaluated for its necessity. If the functionality is required for the function of the device, it must be implemented taking highest security requirements for typical IT/software systems into account.

http://www.uefi.org/sites/default/files/resources/UEFI_Secure_Firmware_Considerations_v2.pdf

Removing Management Backdoors

Further Reading: