With the increased rate of Java vulnerabilities as of late, it has been a real chore keeping track of what needs to be done with Java for your organization. If you use Java-based apps or webapps and you can not just disable all the plugins, you must have some way of allowing people to continue using some version of Java.
Although running Java is a security risk, many places do not have a choice and must continue to use it. Greg has a good post on one method you could use for enabling Java 6 in your organization.
Note: It is never advisable to use a version of Java that has a known vulnerability. If you decide to disable XProtect and use an old version of Java, please make sure you are aware of the risk to your systems before doing so.Source: Managing OS X