We should install security patches regularily, so admins do not have to check manually. This is common practice on Debian servers. See the [wiki](https://wiki.debian.org/UnattendedUpgrades) for more information.
