I'm trying to get some ideas as to what is a reasonable cycle to upgrade Moodle to "stay covered" in terms of security vulnerabilities.
We're trying to come up with something of a fixed schedule for our upgrades so we don't get behind (i.e. annualy? twice a year? once every two years?).
We just upgraded to 3.5.1 in February.
Though we are a university, Moodle is not our main LMS and is not heavily used at all. Initially, it seemed like going to the long-term support releases (LTS) would be the best option, but 2 years between upgrades is a long time so I'm wondering how feasible this is.
I realize that it depends on the needs of the organization, but I'm just looking for some ideas on how best to approach this.
Any info would help!