Remote Access Restrictions
|
Article Code |
Product |
Version |
|---|---|---|
|
RMTACS |
Chorum |
6.0 |
In This Topic | Related Topics |
|---|---|
Due to Chorum's nature as an internet-based application, internet security plays a significant role in its setup and continued usage. Knowing and controlling who does and does not have access to your property's information is key to maintaining a secure environment, preventing unwanted data breaches and other security conflicts.
To help ensure your hotel's security, Chorum provides a number of tools that allow you to limit or restrict who can access Chorum and from where. Besides controlling individual users (see Security Users), you can set rules on accessing the system such that anyone with a valid login can sign in from anywhere, or limit access only to users who log on via specific networks. In other words, you may impose Remote Access Restrictions on property staff, ensuring that staff can only log in to your database from locations your property has allowed.
Before you start, if you intend to enable these restrictions, be aware that you must be familiar with public IP addresses and how to retrieve them for a specific network. If you don't know what a public IP address is or how to retrieve it, see the sub-topic Remote Access Restrictions before continuing.
To begin, access the GM Functions module, expand the Security and Permissions folder, then access the Remote Access Restrictions menu.
If this is your hotel’s first time accessing this menu, you may find the menu is entirely blank. The first item to take note of is the small checkbox at the top of the menu:
When this box is unchecked, anyone can log in to your hotel’s instance of Chorum from anywhere in the world, provided they have your hotel’s Chorum URL and your assigned hotel code (of course, they also need a valid login). This makes it especially simple
If you plan to instead restrict access to Chorum, limiting it to networks you specify, you will need to checkmark the box and add each approved network’s public IP address to the list the box after saving your changes, including the public IP address of your hotel. If you intend to use restricted access in combination with Chorum Mobile, be aware that unless the clerk has been provided the Remote Access right (see Security Users), the mobile app will not work on your mobile devices’ roaming networks (whenever the phone is not connected to a specific wireless network and is instead using a data plan with the phone provider to access the internet). Roaming devices are assigned a different format of public IP address that is not supported in Chorum (yet).
To add a public IP, once the restrict setting has been checkmarked and saved, click the New button at the top of the menu. A blank line will appear in the lower region of the menu - type in the desired public address. MSI also recommends providing a brief description of the IP address (like “Hotel Ethernet,” “Hotel Wi-fi,” or “GM John Smith’s home network”) in the Description column, but as indicated in Chorum this is entirely optional. If the IP address is not a valid IP address, it will prevent you from saving it.
In keeping a more secure environment, a recommended best practice when using this function is to avoid sharing these addresses with anyone other than site administration. If you need additional assistance or guidance setting remote access restrictions, please feel free to reach out to Chorum Support via the Support Center whenever convenient to you.
What is a Public IP Address?Every device that connects to the internet has something called an Internet Protocol (IP) Address. This address helps internet service providers identify your device on the internet and direct communications to and from the device - this constant exchange of information is the foundation of the internet’s connectivity.
For those of you a little more tech savvy, there’s a good chance you have found one guide or another at some point that mentioned finding your computer’s IP address on your network, which usually starts with 192. While this is certainly your device’s IP address, it is different from your Public IP Address.
The Public IP Address is assigned specifically to the router or gateway that manages your internet connection with your Internet Service Provider (ISP) and is assigned directly from the ISP to your router. While each individual computer has its own IP address on your network, every device shares the same public IP address - because it’s assigned to the router, and the router uses your device’s IP address to track who’s sending information in and out of your network and where to route it to.
This may seem a little complicated, but don’t worry - finding your public IP address is a cinch. Just click this link: https://www.whatismyip.com
At the top of the screen, you should see the entry Your Public IPv4 is, followed by a set of numbers. This is your public IP address - if you plan to restrict network access at your hotel, you will need this address from each network you intend to allow, including your hotel’s own public IP address.
Keep in mind that a public address is based on the network you are connected to, not your device. Your hotel’s network and your home network will have different public IP addresses.
