According to ZDNet, more and more Java-based attacks occur daily. Alarmingly, approximately 94% of endpoints using Oracle’s Java are vulnerable to at least one exploitation attempt. Based on threat reports, updating to a new version seems to be an insufficient means of addressing these issues. For instance, Oracle’s patch for CVE-2013-0422 last January was incomplete, providing a fix for only half of the total number of issues. It’s actually projected that Java zero-day attacks will rapidly increase this year because of the holes in Oracle’s security. This is why the number of people uninstalling Java is rising. But what if you really need Java to keep your operations running? How do you protect your enterprise from Java-related threats without disabling the software? Before we delve into the solution, let’s go deeper into the problem first.
The biggest flaw of existing Java zero-day attack solutions is that they are all reactive: they are patches that only become available after a bug has been discovered. So, you don’t really get protection for the NEXT virus. With the growing sophistication of cyber attacks today, what we need is a proactive defense against these kinds of enterprise hazards. Here are 5 tricks you can use to give your company a safe Java work experience:
Disable Java in your browser.
Java threats mostly come from malicious applets from malware-infected websites. So, if you just installed Java because a business application that you use needs it, you can just disable Java in your web browser. This way, you can safely use your Java applet without reducing the quality of your web experience.
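On managed endpoints, this setting can be checked rather than assumed. The following is an added example, not part of the original article: it audits the text of a Java `deployment.properties` file, assuming the Oracle deployment properties `deployment.webjava.enabled` and `deployment.security.level` (names the article itself does not mention) and using a constructed sample file.

```python
import re

# Constructed sample of a user's deployment.properties (not from a real endpoint).
SAMPLE = """\
# Java Deployment Properties
deployment.webjava.enabled=true
deployment.security.level = MEDIUM
"""

# Ordering of the Java Control Panel security slider values.
LEVELS = {"MEDIUM": 1, "HIGH": 2, "VERY_HIGH": 3}


def parse_properties(text):
    """Parse key=value / key:value lines; '#' and '!' start comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        parts = re.split(r"\s*[=:]\s*", line, maxsplit=1)
        if len(parts) != 2:
            continue  # no separator: not a setting this audit cares about
        key, value = parts
        # Java writes values with backslash escapes (e.g. C\:\\dir); undo them.
        props[key] = re.sub(r"\\(.)", r"\1", value)
    return props


def audit(text):
    """Return a list of findings; an empty list means both checks passed."""
    props = parse_properties(text)
    findings = []
    # Assumption: a missing key means the default, i.e. browser content enabled.
    if props.get("deployment.webjava.enabled", "true").lower() != "false":
        findings.append("browser Java content enabled")
    level = props.get("deployment.security.level")
    if level is None:
        findings.append("security level not set")
    elif LEVELS.get(level.upper(), 0) < LEVELS["HIGH"]:
        findings.append(f"security level {level.upper()} below HIGH")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```

Run against each user profile's file, an empty result means Java content is turned off for every browser on that account while locally installed Java applications keep working.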
Use one browser for Java-based websites.
If you need Java to access a bank or company website, you have to disable Java on a per-browser basis. What does this mean? You have to pick one browser that you will exclusively use to visit sites that require Java. Once done, you have to disable the software on other browsers so you can safely use them for other business purposes. To illustrate, if you’re an Internet Explorer (IE) user, you can choose to use it for Java-run websites only, and use Chrome or Firefox for other web activities. Risks are largely mitigated if you have one browser for Java that’s easy to monitor.
Disabling add-ons in Internet Explorer and Firefox is easy and intuitive compared to Chrome. In Chrome, you have to make an effort and look for the options that enable you to customize the settings according to your preference. The best approach is to start by typing “chrome://plugins” in the address bar. Once you’ve landed on the settings page, you can disable the Java plug-in to prevent any business applets from running in Chrome.
In connection with the previous tip, one of the best ways to protect yourself from Java threats is to “divert” your browsers to a safer browser. You can configure your browser settings in such a way that all sites and applets that require the Java platform will automatically open in the browser you chose for exclusive Java use. This works like the call forwarding feature in advanced phones, where every time the person you want to avoid calls you, he is diverted to another number of your choice.
Control access to applets.
In Chrome, you can actually control access to enterprise applets. Chrome displays a message prompt before running Java applets, and gives you a choice to either run it “only this time” or “always run for this site”. It’s safer to choose “run once” for the sites that require Java.
You must update your system whenever Oracle releases a batch of patches. Being both proactive and reactive about Java security is the ideal approach to keeping your company safe from cyber attacks.
If you don’t really need Java, it’s best to uninstall it to have a totally worry-free business operation. However, since a lot of companies have custom applications built on the platform, it’s best to just follow the tried and tested security measures mentioned above to keep your enterprise safe from high-risk exploits.
Author Bio: The article was prepared by Nancy in collaboration with Rincentral VOIP Services. This mother and freelance writer would love to connect with you through your comments.