Encordia Consulting Ltd

Workato

Workato automates business workflows across cloud and on-premises apps. E.g., automating quote-to-cash business processes, transferring data between apps such as Salesforce, Netsuite, Office365 and others.

Workato combines an enterprise-grade workflow automation platform with the ease of use of consumer apps, enabling business and IT users to quickly build workflow automations.

Features

Data Integration: Connect and synchronise data across multiple applications effortlessly.
Automate tasks with intelligent Workbot assistants on Slack/MS Teams.
APIM: Streamline API creation, deployment, and management for seamless integration.
Automate, optimise business processes through intuitive workflow design and implementation.
Monitor and analyse data in real time for proactive management.
Pre-built Connectors: Easily integrate with over 1500 popular business applications.
Event-Driven Automation: Trigger actions based on specific events or conditions.
Transform data formats to align with application requirements efficiently.
Custom Connectors: Create tailored integrations for unique business requirements.
Integration: Connect apps and automate workflows seamlessly for efficient operations.

Benefits

Increased Efficiency: Automate tasks, saving time and reducing manual effort.
Optimise workflows for enhanced team productivity and task prioritisation.
Scalability: Seamlessly handle growing data volumes and increasing workflow complexity.
Improved Accuracy: Reduce errors with automated data synchronisation and validation.
Cost Savings: Eliminate manual labour costs associated with repetitive tasks.
Flexibility: Adapt workflows easily to changing business needs and requirements.
Real-time Integration: Ensure data consistency across applications with synchronised updates.
Faster Time-to-Market: Expedite project delivery by automating key processes.
Better Decision Making: Access real-time insights for informed business decisions.
Ensure regulatory compliance and data governance through automated controls.

£40,000 to £70,000 an instance a year

Education pricing available
Free trial available

Service documents

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at martin.yapp@encordiaconsulting.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

Contact

Encordia Consulting Ltd Martin Yapp
Telephone: 07775687828
Email: martin.yapp@encordiaconsulting.com

Service scope

Software add-on or extension: Yes
What software services is the service an extension to: Amazon Web Services.
Integration and Automation
Cloud deployment model: Public cloud
Service constraints: Workato is a SaaS solution hosted on AWS public cloud infrastructure. Workato cannot be deployed on-prem. Instead, Workato can connect securely to on-prem systems by installing a lightweight 'on premise agent'.
System requirements: Workato License

User support

Email or online ticketing support: Email or online ticketing
Support response times: Workato has support agents in California, New York, Philippines, Singapore, and Barcelona.

We provide 3 support plans to accommodate a wide range of customer needs and objectives: Standard, Premium, and Enterprise.

Standard support is included with your subscription. Premium and Enterprise plans are available for an additional cost.

In addition to the standard support resources and 24 x 7 live chat included with every Workspace, we offer two upgraded Support Plans to accommodate a wider range of customer needs and objectives.
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AAA
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: Web chat
Web chat support availability: 24 hours, 7 days a week
Web chat support accessibility standard: WCAG 2.1 AAA
Web chat accessibility testing: Available 24x7x365 depending on the support plan purchased by the customer.
Onsite support: Onsite support
Support levels: Standard Support Plan
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Workato has a full training program which includes online self paced training, and instructor led training.

Our Workato Automation Institute offers online courses for beginners and advanced users. We recommend that end users / new hires begin with the Automation Pro I, II & III training modules to get a firm understanding of the platform. Certificates are generated on completion and can be shared by your users on LinkedIn.

https://academy.workato.com/"
Service documentation: Yes
Documentation formats: HTML

Other
Other documentation formats: Videos

Blogs
End-of-contract data extraction: Workato is an integration and automation platform. Workato is not a system of record. Workato is a data processor. Our customers control the information that is processed on the Workato platform. The information that is processed on the Workato platform us available in the recipe job reports (transaction logs). These are made available for diagnosis, troubleshooting and error recovery purposes. The retention period for this data is dependent on the service plan. Workato also provides the ability for customers to set a shorter retention period. their plan. Workato has a facility to stream the transaction logs to AWS S3 buckets or an HTTP end point. Workato also provides the ability to mask out sensitive information in transaction logs.
End-of-contract process: Customers can purchase a minimum 12 month license term and at the end of that term the customer has the option to renew or decide to cancel the service in accordance to our Terms of Service.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: N/A
Service interface: Yes
User support accessibility: WCAG 2.1 AAA
Description of service interface: A Workato workspace is your home base for building automations. This is where a dedicated team can collaborate, build recipes, and deploy recipes for a department, level of business, or organisation unit.
Accessibility standards: WCAG 2.1 AAA
Accessibility testing: N/A
API: Yes
What users can and can't do using the API: Workato provides a full-cycle, low code / no code API management platform. Turn Callable Recipes into endpoints and organize the endpoints into API collections, making it easier for users to find and consume the endpoints through other Recipes or third-party apps, without requiring access to your Workato account. Additionally, API publishers can control who has access to the endpoints, as well as monitor and set limits on usage.

For more information:
https://docs.workato.com/api-management.html#api-platform

Workato's developer API provides access to various Workato resources, through which you can manage recipes, connections, and jobs. This allows you to automate all aspects of your Workato workspace - from deploying recipe manifests from development to production or deploying new on-prem agents within your network landscape.
API documentation: Yes
API documentation formats: Open API (also known as Swagger)
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Users can create desired automations and integrations with standard recipes. Additionally, they can expand functionality with custom scripting in Ruby, Javascript, or Python. Workato also facilitates Connector SDK, enabling users to construct custom connectors for diverse applications and incorporate them into their automations.

Scaling

Independence of resources: Workato has built in autoscaling of worker containers in its multi-tenant cloud native runtime environment, ensuring that there are always enough work containers to process all jobs across all customers on the platform.

The only scaling that a customer needs to concern themselves with is scaling of on-premise agents. On-premise agents can be scaled vertically by adding additional processing resources to their hosts and horizontally by adding additional agents to on-premise agent groups, https://docs.workato.com/on-prem/groups.html.

On-premise agent groups allow for high availability and horizontal scalability with automatic load balancing by Workato across agents in a group.

Analytics

Service usage metrics: Yes
Metrics types: Workato includes out of the box visual operational dashboards. These dashboards provide customers both key 'time series' i.e. historical, as well as 'rolled up' i.e. real time summary insight info along with free text search that can even search customer payload. The dashboard address all functional areas of the product i.e. Integrations, workflow automations, API management, etc.
Reporting types: Real-time dashboards

Reports on request

Resellers

Supplier type: Reseller providing extra support
Organisation whose services are being resold: Workato

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)

Other locations
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Encryption of all physical media

Other
Other data at rest protection approach: All data is encrypted at rest via AES256 using customer specific keys that are automatically generated and rotated by Workato and in transit via TLS 1.2. Workato services are accessible only over HTTPS. Traffic over HTTPS is encrypted and is protected from interception by unauthorized third parties. All data at rest is encrypted including the Workato database, backups, and log files.

Read more about Workato encryption in our docs: https://docs.workato.com/security/data-protection/encryption-key-management/#encryption-key-management
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: Workato has a facility to stream the transaction logs to AWS S3 buckets or an HTTP end point. Workato also provides the ability to mask out sensitive information in transaction logs.

You can export packages to create distributable files containing related recipes and their dependencies.
Data export formats: Other
Other data export formats: Open API (Swagger)

JSON
Data import formats: CSV

Other
Other data import formats: XML

JSON

Flat File

Any file format

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

Other
Other protection between networks: The Workato website is only accessible over HTTPS. Traffic over HTTPS is encrypted and is protected from interception by unauthorized third parties. Workato follows current best practices for security, including the use of industry standard TLS 1.2 and 1.3 encryption algorithms with a key length of at least 128 bits.

Workato also uses secure protocols for communication with third-party systems: usually HTTPS, but other protocols such as SFTP and FTPS are also supported. For on-premise systems, access requires the installation of an on-premises agent behind the firewall, which communicates outbound to Workato over an encrypted link, using TLS 1.2.
Data protection within supplier network: TLS (version 1.2 or above)

Other
Other protection within supplier network: All information on Workato is encrypted at rest and in transit and is encrypted at rest using an encryption (AES-256).

Workato has key management for securing customer data: Transaction data is double-encrypted. All data is encrypted with a global key managed by our cloud providers (rotated at least yearly). Workato encrypts data with secondary, tenant-specific keys whose lifetimes are tied to the configured retention period for the data. A new key is generated hourly and encrypts all data for customers within that period. The key is then deleted, erasing the data by making it unreadable and data storage is reclaimed.

Availability and resilience

Guaranteed availability: 99.95% availability SLA with very rage downtimes, Workato publishes updates without involving user downtime, in rare events there is a downtime we will publishing information about to our users. Status page for our datacenters https://status.workato.com/
Approach to resilience: Workato is designed to offer high availability and resilience to service disruption. Technical measures used to ensure high availability include: running Workato services in redundant clusters, utilising multiple redundant cloud Availability Zones, and continuous replication of the application database to a standby system.

Current system status and recent uptime statistics are continuously available at status.workato.com.
Outage reporting: Public dashboard can be found at status.workato.com.
Email notification to impacted customers.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Other
Other user authentication: Basic, SSO and 2 Factor Authentication.

Customers must log in to Workato with secure passwords meeting length, complexity, and expiration standards. Two-Factor Authentication via authenticator apps is available. Workato integrates with 3rd-party SAML Single Sign-On systems for access management and custom authentication. It also supports Single Sign-On via Google and Microsoft Office 365. Automatic session logout can be configured. OAuth2 is preferred for connecting to remote systems; credentials are encrypted if stored. Best practice recommends using integration-specific user identities for recipe connections.
Access restrictions in management interfaces and support channels: In general Workato personnel do not have access to customer data that is being processed on our platform. A small select group of individuals have access in the event that is needed for support purposes. Our policies mandate the use of least privilege access principles.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Username or password

Other
Description of management access authentication: Basic, SSO and 2 Factor Authentication.

Audit information for users

Access to user activity audit information: Users receive audit information on a regular basis
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: Between 1 month and 6 months
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: N/A
ISO/IEC 27001 accreditation date: N/A
What the ISO/IEC 27001 doesn’t cover: Workato is SOC 2 Type 2 certified based on the SSAE18 standard. We do not have current plans to become ISO 27001 certified. Our SOC2 audit addresses a broad spectrum of security controls that cover the same major areas as ISO27001, including HR processes, authentication and access control, data protection at rest and in transit, business continuity and DR, incident management, secure software development, operational practices and procedures, 3rd party security measures, etc.

Note also that, while Workato is not ISO27001 certified, its cloud hosting provider (AWS) has a wide variety of certifications, including ISO27001.
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: Yes
Who accredited the PCI DSS certification: Workato complies with PCI for payment processing.
PCI DSS accreditation date: PCI Complainace is provided via Stripe
What the PCI DSS doesn’t cover: We are currently not certified to process or store payment card data sourced from our customers (i.e., not submitted to us as part of our payment flow but passed through our integration service). In this scenario we would be a "service provider" in PCI terminology. While we meet many of the technical requirements, we may not currently meet all of them, nor have we been certified as a service provider (there are two levels of certification, Level 1 and Level 2: which one applies depends mainly on transaction volume).
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: Other
Other security governance standards: Workato is SOC 2 Type II and GDPR compliant.

Workato is a HIPAA-compliant Business Associate and able to sign a BAA as part of a partnership with material HIPAA exposure.

Workato itself complies with PCI for its payment processing, using a 3rd-party compliant vendor
Information security policies and processes: The CISO is responsible for overall security policy. A dedicated Privacy Team is responsible for privacy policies, compliance and fielding inquries/requests. A Security Team including the CISO, management, and engineering staff directs and ensures implementation of appropriate technical security measures, coordinates security testing, and evaluates, triages and plans response to vulnerabilities and other issues. A DevOps team configures and manages website security measures, in consultation with the Security Team. Workato's legal team evaluates legal and regulatory requirements and ensures policies and contracts are in compliance. We have security staff with certifications including CISSP, CSSLP, HiTrust CSF, CISM and CEH.

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: We maintain a documented SDLC policy addressing security concerns, aligning with industry standards such as NIST and OWASP. Source code is managed on Github, with commits undergoing peer review and unit testing. Changes require approval before moving to staging, where they undergo live environment testing similar to production. Following final approval by senior engineering staff, changes deploy to production. We integrate static code analysis (SAST) and scanning for vulnerable dependencies (SCA) into the development lifecycle. Annual technical security training covers OWASP Top 10 vulnerabilities for all development staff. Additionally, Workato holds SOC 2 Type 2 compliance, reflecting rigorous development practices.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: A level of network level vulnerability management is provided by AWS. We track and monitor for any vulnerabilities across our network components. Patches and updates are applied on a daily basis after validation. Any vulnerabilities found as part of testing are tracked and resolved.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Below is an overview of the tools we are using:
1) HIDS/HIPS tools at machine level - it monitors open ports, detects unusual traffic and blocks malicious agents; also produces real-time alerts.
2) AWS GuardDuty at cloud & networking level - it detects unusual traffic patterns for internal and outgoing traffic and sends real-time alerts.
3) WAF for incoming traffic to detect and block traffic from well-known malicious ip-databases, SQL injections, port/vulnerability scans, real-time notifications are sent in case of detection.

Workato employs automated tools for continuous system monitoring including file integrity checks, vulnerability checks, anti-malware, and intrusion detection.
Incident management type: Supplier-defined controls
Incident management approach: Workato has an incident management plan. In the event of an incident, all affected tenants would be notified with all pertinent details in terms of the type if incident, the information that may have been compromised and appropriate remediation actions. Workato would actively work with tenants to help with needed information as well as remediation.

Workato has put in place a Security Incident Response Plan, which details roles, responsibilities and procedures in case of an actual or suspected security incident.

Secure development

Approach to secure software development best practice: Supplier-defined process

Public sector networks

Connection to public sector networks: No

Pricing

Price: £40,000 to £70,000 an instance a year
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: Free trial for 30 Days

Service documents

Request an accessible format

Cookies on Digital Marketplace

Workato

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents