Why “cloud fit” matters more for the public sector
By Thomas Ormond, Account Director, Redcentric
If you work in the public sector, chances are you’ve been navigating “cloud first” conversations for a long time now. In many cases, cloud adoption has delivered real benefits — faster deployment, better resilience, and access to modern digital services.
Public cloud is rightly positioned as the default starting point. NHS England and central government guidance are clear that organisations should assess public cloud first as part of a structured design and assurance process when designing or modernising digital services.
But increasingly, I see teams pausing to ask more practical follow-up questions – What does “cloud first” actually mean for us- once that assessment has been done and the risks, constraints and requirements, are fully understood? and moreover, what works — given our estate, our data, our networks and our responsibilities?
This distinction matters. Because while public cloud is the first port of call and a clear strategic direction, it may not always be the right fit for every workload today.
From cloud first to cloud fit
The idea of “cloud fit” isn’t about stepping backwards or avoiding public cloud. It’s about applying judgement within a Cloud First framework.
Public sector organisations are expected to consider public cloud first — and many do. But NHS and government guidance also recognises that where public cloud is not suitable, organisations must be able to evidence their reasoning, whether that’s based on cost, security, technical constraints or operational risk.
In practice, technology decisions in the public sector carry weight. They have to stand up to scrutiny around value for money, regulation, data protection and service continuity. They also have to work alongside legacy systems, constrained networks and limited internal capacity.
That’s why many organisations are taking a more deliberate approach: assessing public cloud first, then choosing the platform that best fits each workload based on evidence rather than assumption.
Public cloud plays a vital role. So do private, hybrid and sovereign cloud approaches — where they are justified.
When public cloud may not always be the answer
Public cloud offers scale, flexibility and access to powerful services. For many digital-first workloads, it’s a strong choice and often the preferred outcome of an assessment.
However, when organisations go through that assessment honestly, a number of practical considerations can influence the final decision:
Cost governance
Consumption-based pricing can be difficult to forecast and manage within fixed public sector budgets, particularly for workloads that are long-running, stable, or those not optimised to be cloud native.
Regulatory and assurance requirements
Data residency, sovereignty and compliance obligations can place additional controls around how and where services are delivered.
Network realities
Connectivity models such as HSCN and PSN introduce design and segregation requirements that don’t always align neatly with the default public cloud patterns and must be explicitly addressed as part of any compliant cloud architecture.
Operational capability
Running and securing complex cloud environments requires specialist skills that aren’t always available in-house.
None of this contradicts a public-cloud-first approach. It reflects the reality that assessing suitability doesn’t always lead to the same outcome.
What cloud maturity really looks like
In my experience, mature cloud strategies aren’t defined by how quickly organisations migrate. They’re defined by how confidently teams can explain why a workload sits where it does and how that decision aligns with Cloud First Principles.
That confidence usually comes from being able to answer a few straightforward questions:
- What does this workload need to deliver — performance, resilience, availability?
- What data does it handle, and what controls apply?
- How predictable does cost need to be?
- How does it connect to the rest of the estate?
- Who operates and secures it day to day?
When organisations work through these questions — starting with public cloud and then assessing fit — they often arrive at a mixed estate:
- Public cloud for workloads that benefit from scale and rapid change
- Private cloud where predictability, control and performance are key and simply cannot be met by public cloud
- Hybrid cloud to integrate legacy systems with modern platforms
- Sovereign cloud where UK residency and operational control are essential
That isn’t a deviation from policy. It’s the result of applying it properly.
Cloud fit in the context of the NHS 10-year health plan
The NHS 10-year health plan sets out a clear direction of travel — moving from analogue to digital, from hospital-centric to community-based care, and from reactive treatment to prevention.
Delivering on that vision depends on technology that is secure, resilient and joined up across organisations.
That doesn’t mean one cloud platform everywhere. It means:
- Sharing data safely across organisational boundaries
- Connecting systems reliably
- Supporting new digital services without destabilising core operations
For many organisations, it also means ensuring critical services are underpinned by UK-based delivery models, with clear operational ownership, resilient support and assurance aligned to national standards.
A cloud-fit approach supports that reality. It allows organisations to modernise at pace and meet public-cloud-first expectations – while ensuring critical services and sensitive data are hosted in a way that is proportionate, assured and defensible where it makes sense, while protecting critical services and sensitive data where caution is required.
Where we fit — supporting confident decisions
Our role isn’t to steer organisations away from public cloud. It’s to help them assess suitability properly, in line with Cloud First principles, and act on the outcome in a way that is robust and sustainable
That starts with understanding the outcome you’re trying to achieve — not just technically, but operationally and commercially — and designing an architecture that can be justified internally and externally.
Our experience comes from operating across the whole public sector ecosystem. We support and connect every layer, with services already embedded across Hospitals, GP practices and Integrated Care Boards, as well as pharmacies, councils and wider public sector organisations. That breadth gives us real insight into how platforms need to integrate, how services are consumed in practice, and where design decisions genuinely add value.
We work with best-in-field platforms across the spectrum:
- HPE infrastructure to underpin resilient private and hybrid environments
- VMware to provide a familiar, flexible private cloud layer
- AWS and Azure to support public cloud workloads where they add clear value
Using established platforms matters in the public sector. They’re well understood, widely assured and easier to govern. But the real value comes from how those platforms are designed, connected and operated together.
That’s where experience counts.
A practical way to approach cloud decisions
For teams looking to sense-check their direction, a simple framework often helps:
- Start with the workload
Define what success looks like — performance, resilience, compliance, cost. - Be clear on constraints
Data sensitivity, network access, regulatory requirements. - Choose the cloud model that justifiably fits
Understand your options and make informed decisions – starting with public cloud and considering private, hybrid or sovereign approaches — based on evidence, not assumption. - Design for change
Requirements will evolve. Your architecture should allow for that.
A calmer conversation about cloud
Cloud discussions don’t need to be polarised. Public cloud versus private cloud isn’t the real debate.
The real question is whether the platform — chosen after a structured, evidence-based assessment — supports your services, your users and your responsibilities, today and tomorrow.
Taking a cloud-fit approach helps organisations move forward with confidence. It respects public-cloud-first guidance while recognising that fit, evidence and outcomes matter just as much as intent.
And in a sector where trust, resilience and accountability matter as much as innovation, that balance makes all the difference.
Explore how Redcentric is enabling the delivery of the NHS 10 year health plan.
Connecting the Future of Health and Care
