diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 285fe6b..922bc75 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -46,16 +46,9 @@
     - coreutils
     - rsyslog
     - sendmail
-    - unattended-upgrades
     - iptables-persistent
     - cgroup-tools
 
-- name: Configure unattended-upgrades
-  template: src=50unattended-upgrades.j2 dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=0644
-
-- name: Periodic upgrades configured
-  template: src=10periodic.j2 dest=/etc/apt/apt.conf.d/10periodic owner=root group=root mode=0644
-
 - name: Loopback for services configured
   template: src=10-loopback-services.cfg.j2 dest=/etc/network/interfaces.d/10-loopback-services.cfg
   notify:
diff --git a/roles/security/tasks/main.yml b/roles/security/tasks/main.yml
index c46e041..7046e2c 100644
--- a/roles/security/tasks/main.yml
+++ b/roles/security/tasks/main.yml
@@ -1,3 +1,14 @@
+- name: Install tools
+  apt: name="{{ item }}" state=latest
+  with_items:
+    - unattended-upgrades
+    
+- name: Configure unattended-upgrades
+  template: src=50unattended-upgrades.j2 dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=0644
+
+- name: Periodic upgrades configured
+  template: src=10periodic.j2 dest=/etc/apt/apt.conf.d/10periodic owner=root group=root mode=0644    
+
 # Using a two-pass approach for checking directories in order to support symlinks.
 - name: Find directories for minimizing access
   stat:
diff --git a/roles/common/templates/10periodic.j2 b/roles/security/templates/10periodic.j2
similarity index 100%
rename from roles/common/templates/10periodic.j2
rename to roles/security/templates/10periodic.j2
diff --git a/roles/common/templates/50unattended-upgrades.j2 b/roles/security/templates/50unattended-upgrades.j2
similarity index 100%
rename from roles/common/templates/50unattended-upgrades.j2
rename to roles/security/templates/50unattended-upgrades.j2