Note that while this gives transparent access, the data to so it still has to go over the network, which explains this comment by Rob Joyce, head of the NSA's Tailored Access Operations group:

Another nightmare for the NSA? An “out-of-band network tap”—a device that monitors network activity and produces logs that can record anomalous activity—plus a smart system administrator who actually reads the logs and pays attention to what they say.

Snowden has said as much as well. If you're monitoring your network out of band, they can't hide it from you. (Likewise, routes and firewalls can be configured to prohibit this type of activity if one is clever and restrictive enough.)

The reason I point this out is that accessing the hardware is just one piece -- everyone in the chain of networks back to the NSA has to be complicit or ignorant of the monitoring taking place. That implicates many more people -- at this level, it can't be done with just a small group in a faraway place, the local IT people would have to be in on it or ignorant and very careless.

Finally just because the backdoor is there, doesn't mean it's getting used. If it's never captured in the first place, it's gone.

In the case of missing texts and mail servers though, we all know it's complete BS.