When thinking about maintaining you're CiviCRM, it's important to think through how your organization wants to manage security updates. Not just for now. Consideration for the long-term is the key. Maintaining technology does not have to be costly or time consuming. You already know how imperative it is to address security risks, which is why updates are commonly released. It’s important to plan for these regular updates.
Set your organization up for success by answering the following questions now, so you can plan for ongoing protection of your CiviCRM.
- What is the capacity for you, your staff and/or your budget with a consulting partner?
- How long does it take to implement the security release?
- How often do you want to be doing a security release?
- What will your capacity be as you grow?
Why the ESR (Extended Security Release)?
When we talk to nonprofits about the questions above, their answers clearly point to needing updates that provide top level security with minimal disruption to their website and calendars. Especially those CiviCRM setups with multiple integrations and larger databases.
A lot of nonprofits have found the ESR to be very manageable. It keeps costs down because there is no need to be in CiviCRM as often and the time between updates also allows for the same level of security. If you’ve ever done a security update on a more complicated CiviCRM, you have probably experienced something not working quite right and had to fix it. If you only update every 6 months, you run less risk of website instability.
Security releases are a requirement for a healthy CiviCRM. If you think in terms of what’s most manageable for the long-term, consider the ESR solution for maintaining the health of your system.
We strive to make sure nonprofits don’t have to do more work than necessary and get the full protection of security updates. That’s why we always recommend the ESR to our clients at BackOffice Thinking.