Remote Access Restrictions

Article Code

Product

Version

RMTACS

Chorum

6.0

 

In This Topic

Related Topics

What is a Public IP Address?

Modifying Remote Access Restrictions

 

Due to Chorum's nature as an internet-based application, internet security plays a significant role in its setup and continued usage. Knowing and controlling who does and does not have access to your property's information is key to maintaining a secure environment, preventing unwanted data breaches and other security conflicts.

To help ensure your hotel's security, Chorum provides a number of tools that allow you to limit or restrict who can access Chorum and from where. Besides controlling individual users (see Security Users), you can set rules on accessing the system such that anyone with a valid login can sign in from anywhere, or limit access only to users who log on via specific networks. In other words, you may impose Remote Access Restrictions on property staff, ensuring that staff can only log in to your database from locations your property has allowed.

Before you start, if you intend to enable these restrictions, be aware that you must be familiar with public IP addresses and how to retrieve them for a specific network. If you don't know what a public IP address is or how to retrieve it, see the sub-topic Remote Access Restrictions before continuing.

To begin, access the GM Functions module, expand the Security and Permissions folder, then access the Remote Access Restrictions menu.

If this is your hotel’s first time accessing this menu, you may find the menu is entirely blank. The first item to take note of is the small checkbox at the top of the menu:

When this box is unchecked, anyone can log in to your hotel’s instance of Chorum from anywhere in the world, provided they have your hotel’s Chorum URL and your assigned hotel code (of course, they also need a valid login). This makes it especially simple

If you plan to instead restrict access to Chorum, limiting it to networks you specify, you will need to checkmark the box and add each approved network’s public IP address to the list the box after saving your changes, including the public IP address of your hotel. If you intend to use restricted access in combination with Chorum Mobile, be aware that unless the clerk has been provided the Remote Access right (see Security Users), the mobile app will not work on your mobile devices’ roaming networks (whenever the phone is not connected to a specific wireless network and is instead using a data plan with the phone provider to access the internet). Roaming devices are assigned a different format of public IP address that is not supported in Chorum (yet).

To add a public IP, once the restrict setting has been checkmarked and saved, click the New button at the top of the menu. A blank line will appear in the lower region of the menu - type in the desired public address. MSI also recommends providing a brief description of the IP address (like “Hotel Ethernet,” “Hotel Wi-fi,” or “GM John Smith’s home network”) in the Description column, but as indicated in Chorum this is entirely optional. If the IP address is not a valid IP address, it will prevent you from saving it.

In keeping a more secure environment, a recommended best practice when using this function is to avoid sharing these addresses with anyone other than site administration. If you need additional assistance or guidance setting remote access restrictions, please feel free to reach out to Chorum Support via the Support Center whenever convenient to you.