Nowadays, the average survival time (time it takes to become infected with malware) of an unpatched computer connected directly to the Internet is less than eight minutes. The importance of keeping a Cloud Server's packages up-to-date cannot be underestimated. Fortunately, Linux makes system updates a piece of cake.
yum list updates
emerge --update world
emerge --update --deep world
For more information on Linux package managers, please see General Package Installation Guidelines.
How often does a system need to be updated? That really depends on its function and what software is installed. It also depends on any recent security advisories. In general, though, you really can't go wrong by having a cron job which runs 'aptitude upgrade' (or its equivalent) on a daily basis. Major updates, such as those provided by 'aptitude dist-upgrade,' may require some testing before being enabled on a production server.
However, any software you've compiled from source will not be upgraded by your system's package manager. These packages will need to be carefully monitored, and manually patched when any security holes are fixed.
© 2011-2013 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License