My paranoia goes against this idea. How sure are you that the remote management is hardened? Assuming that disabling external control is actually effective, that seems like it removes most practical exploits one would encounter. A network configuration for a non technical person should be so simple it does not require regular maintenance.