You shouldn’t update your own WordPress install or plugins.
Most people will update their WordPress install every time that a new plugin or core update comes along – and generally this won’t cause problems. However, when it does cause problems it could take down your entire site without the option to even login or kill a particularly useful custom functionality you integrated. The result is that your site could easily become useless due to an errant function or call.
Now, that isn’t to say you should never update your plugins or have someone else do it – it should just be done in a controlled environment where you’re making off-site backups, have a test sandbox, and have your developer ready if something goes wrong with the upgrade.
What could go wrong?
The main problem with doing your own updates is that there’s a certain chance of messing up custom functionality. If you have custom functionality (especially if you’re running an eCommerce store) your whole website could be taken down by a single errant or deprecated function running in a plugin or custom configuration.
As a note, WordPress itself is VERY stable and if you were to run a site without any plugins this wouldn’t apply to you. The problem lies in the plugins – they rely on files that WordPress serves up such as jQuery and when WordPress changes these (as should be done over time) sometimes it breaks functionality on your website. For example we recently had a client who upgraded her WordPress and it broke several accordions on her site. The problem was caused by WordPress updating jQuery and the plugin that was rendering the accordions hadn’t properly updated their plugin.
How it should be done
The ideal situation for running updates would be to have a sandbox (duplicate copy of your website and data) where you can safely upgrade and test everything before it hits the live server. This way you can see any errors or missing functionality before your customers do. Upgrade take down your site? No problem – your production site is still live and problem-free.
If you’re running the upgrade yourself, you should let your developer know that you will be running the upgrade so that they can quickly address any issues. This way they know exactly how to trace the issue and they can quickly fix any problems. The alternative is to have your developer run the update themselves and immediately fix any problems cropping up.
This applies to plugin updates as well as core ones
Keep in mind that plugin updates are usually less stable than core updates. Most plugin developers are doing this in their spare time with limited chances to test every environment before releasing an update. This makes plugin updates even more risky. Unless there is a specific security risk in a plugin (such as the recent Slider Revolution exploit) you should run updates in the environment mentioned above.