Java is having a bad year. We’re barely three months into 2013 and there have been several security updates to Java 7, each one addressing issues discovered only hours or days after the previous security hole had been contained. At least one of the issues wasn’t actually fixed by the release designed to fix it. And even when Oracle fixes the next round of security issues, industry experts are confidently saying there will be more Java issues in the future. This has prompted the U.S. Department of Homeland Security to recommend turning off Java completely – a drastic step for consumers, and highly impractical for enterprise IT.
The Impact on IT Managers
This situation would be barely tolerable even if the thousands of IT managers who rely on Java for business-critical web applications were able to always run the most current (and somewhat secure) version of Java. Adding insult to injury, IT managers are often required to run old versions of Java on their organization’s Windows PCs because the current version is not backward compatible with their application requirements. If Java is having a bad year, IT security managers are having a VERY bad year.
But is the situation really this hopeless? What if there was a way to run old versions of Java side by side with the current version, and that current version was the only version exposed to the web? What if it was possible to go a step further and only use Java for internal business applications and not expose it to the web at all? Would that help? Of course it would … and that solution exists today.
Browsium Makes Java Manageable and Secure
Browsium solutions were designed with targeted management in mind, so we are able to deliver solutions today to secure Java in your organization. Using our industry leading tools, Browsium Ion and Catalyst, you can securely deploy and manage web-based Java in your organization. Our tools let you define the scenarios under which different versions of Java are loaded – or prevented from loading – including the ability to load multiple different Java versions simultaneously ‘side by side’ on a single PC.
Java Remediation with Browsium Ion
For organizations looking to stay on Internet Explorer as the single browser platform, Browsium Ion is the perfect tool. Ion delivers granular Java management to enable isolated and secure side-by-side Java versioning. By giving IT administrators the ability to specify which version of Java loads for which sites (targeted down to the single page level), Ion enables an organization to avoid having to compromise security for compatibility while not turning off Java entirely. Users can continue to perform their internal critical business functions while accessing websites as they normally would, but IT limits exposure to external threats by using the most current, most secure version of Java.
As an example, the screenshot below shows a single instance of Internet Explorer invoking Java 7, Java 6, and Java 1.4, side-by-side, with Java 7 as the default version exposed to the web.
Java Isolation with Browsium Catalyst
Organizations seeking the most secure Java solution should run multiple browsers on each PC, managed with Browsium Catalyst. Catalyst enables IT to centrally control which browser opens each website on every PC in the organization. The organization can then choose one browser, with Java enabled, for key intranet applications or set of known Internet websites that require Java, and then use another browser, with Java disabled, for everything else.
Depicted in the following diagram is the common scenario we see today with customers. Typically Internet Explorer is used with Java internally and then Chrome without Java is exposed to the web.
A Video is Worth a Thousand Pictures
With Browsium Ion and Browsium Catalyst, you don’t have to trade off compatibility for security. You can run both together to get the best of both worlds. To illustrate these approaches and show how simple these solutions are to implement, we created a video to demonstrate this experience. Watch it embedded below, or in full HD (with no Flash) on YouTube.
Remediating and Isolating Java
Don’t Wait – Let’s Secure Your Java Environment Today
You’ve suffered with Java compatibility and security problems long enough. Browsium delivers the solutions you need to get off the Java version treadmill and maximize Java security for your organization. Contact us and we’ll show you how to use Browsium Ion and Browsium Catalyst to secure your Java environment today.
