[John Rogers]

If it were me, and some years ago it was the company I worked for was trying the same approach with letting customers check for updates and 9 times out of ten they would get them and never read the SQL instructions of other notes and we would have to do repairs. I finally convinced the CEO to stop with letting the customer get and try the updates. Then we did the Oracle method, we emailed them and provided a link to a secure (sort of) FTP site we had and it required them to use HTTPS which of course is only a small part of the whole security setup required.

Amazingly everyone ended up way happier aa year or so later. I had also implemented a short program to verify the software was not modified or any table/field changes to the database. If there was, we had to find out why (the SAP methodology)!