Oracle Java Review!

Forward

From January 2019*, Oracle have stated that Java SE updates will no longer be available to commercial organisations Free of Charge. This document’s purpose is to help the reader assess the impact on their organisation and avert risk.

*Please note that at the time of writing and publishing this article, BCS’s research into this subject hadn’t been able to establish a specific date in January 2019.

Executive Summary

Post 2019, you may need to purchase a subscription licence or Support Agreement or move to an Open Source Java option before updating installations of Java SE.

This change in itself does not present an immediate risk of non-compliance with current licensing agreements i.e. if you are non-compliant now post January 2019 you will still be non-compliant and vice versa.

Therefore, our recommendations for commercial environments is to focus on the operational sustainability of business critical software.

This document provides an overview on how this could be achieved.

Key Challenges

To date, most organisations have enjoyed free ‘public’ updates to Oracle Java SE. From January 2019 this will stop. Java SE updates will only be available to commercial organisations having the appropriate (chargeable) contracts in place.

As a result of Oracle’s announcement, regarding the availability of Java SE public updates, it has also come to light that from a software licence compliance perspective, the reader should be aware that optional commercially licensable Java SE features exist and may have been installed.

Therefore, the perceived view that Oracle Java SE is “completely free” is simply not the case.

There is no getting away from the fact that this announcement poses a potentially major operational and security risk to organisations. If an Organisation uses Java on their end user computing environment (desktops / laptops etc.) or if Java underpins business critical applications, they must assess the impact of loss of updates post January 2019 from both an operational and security perspective.

Will the lack of updates impact operational sustainability? i.e. will your business-critical applications remain operational and functionally capable?

Will the lack of updates create security vulnerabilities? i.e. will your business-critical applications suddenly expose your corporate network to serious security risks?

Important Note for Existing Oracle Customers

Something customers should be asking is “I’m an Oracle Customer, how am I affected??”

Oracle’s feedback is ‘You’re covered for your use of Java SE within an Oracle product having a Java SE dependency.’ 

Therefore, it stands to reason that Oracle customers should be assessing their existing Oracle agreements and the use of Oracle Java as part of the current Oracle product deployments.

There could potentially be no risk whatsoever associated with the current Java deployments and updates i.e. Java updates may be available via their existing support arrangements at no additional cost.

Understanding the Risks – Recommended Steps

Discovery and Analysis Phase

  • Customer identifies what Java SE is installed
    • Versions
    • Editions
    • Features
  • Customer Identifies Java dependent applications (both Commercial and Bespoke)
    • Customer rates the Java applications business criticality.

Testing Phase

  • Customer tests all business-critical Java applications on OpenJDK or alternative Java solutions.

Licensing Phase

  • Customer should create an inventory of Java Licences and support agreements
    • Customer should establish if Java Applications are licensed / supported via existing Oracle agreements
    • Customer should establish if they have third party licence ‘grants’ (most likely bundled with OEM / Bespoke solutions)
  • Customer weighs up the costs and feasibility of switching to OpenJDK vs SE subscription costs.
  • Customer estimates the cost of subscription options where applicable

Housekeeping Phase

  • Customer removes Java Runtime Environment (JRE) where it has been established that there are commercially licensable features installed / enabled and not licensed / required.
  • Unless required for business criticality Customer’s should remove Java SE / JRE from standard builds.

If you need assistance on any aspects of Oracle Java SE (from Discovery / Analysis through to Housekeeping as detailed above then please contact us using the form below

Your Name (required)

Your Email (required)

Subject

Your Message

References

Oracle Java SE Price list (published August 2018)

http://www.oracle.com/us/corporate/pricing/price-lists/java-se-subscription-pricelist-5028356.pdf

Oracle Java SE Release Cadence

https://blogs.oracle.com/java-platform-group/update-and-faq-on-the-java-se-release-cadence

Oracle Java SE Support Roadmap

https://www.oracle.com/technetwork/java/java-se-support-roadmap.html

FAQ’s published by Oracle https://www.oracle.com/technetwork/java/javaseproducts/overview/javasesubscriptionfaq-4891443.html

Disclaimer Notice

The information contained in this document is for general guidance on the matter of Oracle Java licensing only. Given the changing nature of laws and licensing rules and the fundamental exposure of electronic communications, there may be omissions or inaccuracies in information contained in this document. Accordingly, the information contained in this document is provided with the understanding that the authors are not herein engaged in providing legal advice. As such, it should not be used as a substitute for consultation with professional legal advisors. Before making a decision or taking action, you should consult your professional legal advisors. 

While we have made every attempt to ensure that the information contained in this document has been obtained from reliable sources, Business Continuity Services Ltd is not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this document is provided “at face value”, with no guarantee of completeness, accuracy or future relevance of the results obtained from the use of this information.

Working with BCS has brought us real benefits in Software Asset Management, both in delivering real cost saving and knowledge transfer from their consultants. The service is totally professional and yet personal at the same time.

IT Service Management Manager - Provident Financial Management Services Ltd.
The USL Subscription Service from BCS has saved us a minimum of 10 man hours per week and has identified possible over licensing due to the inaccuracy of our discovery data in excess of £2,000,000.00

IT Asset Controller - Tech Data.
Implementation of Software Organiser was professional, and BCS staff provided us with service beyond expectations

Carl Stirland, Director of IT, Bowmer & Kirkland.
Throughout this process, Software Organiser has been a pivotal tool enabling us to achieve compliance. We have saved 30-man hours a month, as we now log, store and manage all our licence reconciliation using this tool. It has effectively enabled us to accurately reconcile over 600,000 licenses from 5,700 proof-of-purchases entries for over 6,000 computers.

Experian Ltd.

Coronavirus (COVID-19) Outbreak

Coronavirus (COVID-19) Outbreak – communication to all our Customers