It is your IT dept's responsibility to keep the VPN working, not Google's. Google has chosen to drop support for a 20 year old insecure plugin architecture in favor of a more modern, secure one. Sure, it's one developed by Google, but 1) there wasn't an existing standard out there AFAIK so they had to make one and 2) the plugin interface is open source so anyone can go and implement it in their own browser, or in their own plugin.
Oracle's official stance seems to be that Java users should switch to Firefox or IE, rather than see themselves try and put any effort toward porting Java. To be fair, I don't know how well Java will mesh with PPAPI's sandboxing.
I wonder if they'll change their tune... Chrome has a pretty sizable user base now.