If the device is remotely managed and all IPSEC back to the carrier, who cares what network it's on? At worst you'd just get poor connectivity, I don't think there's any additional exposure here.