Remote Access Guidelines
Remote access can be a convenient way to access files and programs on your computer when you're not physically present, but it can also expose your system to increased risk of unauthorized access and malware infection. Follow the guidelines on this page to protect your computer from these threats.
Disable remote access if not needed
If you don't need to access your computer remotely, disable all methods of remote access.
Do not use more than one method for remote access
If you need to access your computer remotely, select your preferred method for remote access and follow the rest of the guidelines on this page to secure that method. Having additional remote access methods enabled increases the chances that one of them will not be properly secured.
Limit access at the network level
Use a hardware firewall or your systems's built-in software firewall to restrict which network ranges are allowed to remotely access your computer. Caltech's main campus IP range is 220.127.116.11/16. You could restrict remote access to your computer to this range, and still remotely access your computer from home by connecting to VPN first. For more information see:
Choose strong passwords
Many instances of successful remote access attacks are the result of weak passwords (or unchanged default passwords). If you are allowing remote access to your computer, it is especially important that you use strong and unique passwords. See password guidelines for more information.
Keep your device updated
Remote access attacks often take advantage of known security vulnerabilities. These flaws are routinely discovered and fixed in updates. To make sure your devices stay protected, keep the programs you use and the operating systems on your devices up to date when new updates become available.
Consider enabling multi-factor authentication for remote access
In addition to strong passwords and network level restrictions, you can add an additional layer of security to your system by requiring multi-factor authentication for remote access. With MFA, after successfully entering your remote access password, you will be prompted to confirm your authentication using either a smart phone app or a hardware token. This is an especially good idea for systems with important or sensitive data, or with multiple remote users.