Cloud Fish Ltd

Workflow Automation

Cloud Fish provides business process/workflow automation consulting services and software solutions. Cloud Fish specialises in K2 workflow automation and other low code technologies to rapidly design, develop and deploy workflow driven applications across all platforms.


  • Full integration with all Microsoft-based products
  • Full integration with Salesforce
  • Create business process automation applications
  • Low Code / No Code Application Development
  • Create Cross platform applictions
  • Process audit and tracking capability reporting
  • Ability to interact with multiple different data sources
  • Drag and Drop Rapid Application Development


  • Create applications quickly without coding skills
  • Create forms in minutes instead of days
  • Web based, so can be developed from anywhere
  • Automate manual workflow tasks with secure low-code apps
  • Real Time reporting to Identify process bottlenecks
  • Empower end-users to create highly scalable applications
  • Change processes easily to meet the needs of the business


£70 to £200 per user

  • Education pricing available

Service documents

G-Cloud 11


Cloud Fish Ltd

Simon Allport


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints Microsoft Azure
System requirements Modern Browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Instance response from 8am - 5pm Monday - Friday
During the weekend and public holidays 24hrs.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Via a Slack / MS Teams group
Web chat accessibility testing Haven't done any, just use the out of the box software supplied by Slack and Microsoft.
Onsite support Yes, at extra cost
Support levels Support is provided by phone, web chat or on-site visit.
Support is either;
Monthly (unlimited)
Hourly (hourly rate/credits)
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide the following services
Onsite Training,
Mentoring / Best Practices,
Helping with first application,
Solution Design,
Project Management,

Projects start with gathering requirements and defining the objectives.
This is followed by a detailed plan defining overall deliverables, timescales and roles and responsibilities. Full project management is provided throughout the term of the contract with Sprint reviews to ensure successful delivery and progression.

We take an agile approach and work in sprints. Sprint length depends on the project. After each sprint we will do a sprint review to make sure we are all happy with the progression of the contract. We try to release an MVP as quickly as possible so that users can start using the software and give feedback to help with the development process.

Onsite support is provided along with full application training and documentation.

A project review generally follows after go-live to ensure continuous user adoption.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Full data extract capabilities are available in the application. A full database backup can also be provided to the customer upon request. After service termination, all database backups and data extracts are delivered to the customer and all data can easily be deleted.
End-of-contract process Once a notice of termination is received via Email, all data and platform customisations are exported and made available to the customer.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The service is responsive in nature and has like-for-like support between mobile, desktop and tablet devices. There are some differences, but the design time tool allows you to target either mobile or desktop that optimises the user experience.
Service interface Yes
Description of service interface Web based development portal which can be accessed via your desktop/laptop browser
Admin portal which can be accessed via your desktop/laptop browser
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing N/A
What users can and can't do using the API The platform has an API that allows accessibility to all of the platform's capabilities these include
Data services input and OutPut
Workflow Control
Integration between 3rd party services / web form technologies
More information can be required on request
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The platforms are low- and no-code drag and drop based platforms. It allows full customisations of web forms, workflow, data integration, reporting.

Customisations are done using the designers, but code-base changes are also supported.

The user interface can also be styled using custom themes and CSS.
Changes can be done by super users, analysts and developers


Independence of resources The platform scales both horizontally and vertically. New nodes can easily be added to support in increase in demand and fail over.


Service usage metrics No


Supplier type Reseller providing extra features and support
Organisation whose services are being resold K2

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest Other
Other data at rest protection approach Follow Microsoft's and K2 practices for data protection
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Users can export data in different formats Excel, CSV, API or SQL Server database connection.
Data export formats
  • CSV
  • Other
Other data export formats
  • SQL or SQL database backup
  • XML
  • JSON
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • XML
  • JSON
  • SQL, SQL database backup

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Agreed service availability of up to 99.9%, 24/7. Cloud Fish also make reasonable efforts to resolve application support requests based on the severity and support level.
Approach to resilience Disaster recovery is built in via a secondary failover environment. For on-premise, you would be responsible for providing the failover environment
Outage reporting A range of options are available, including administration reports, email alerts and administration portal where outages are reported

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Using verified email addresses
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach We provide the services to work on client's infrastructure and on our supplier's infrastructure.
Information security policies and processes We follow the principles of GDPR

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Create Change Request, A submitter completes a CR Form and sends the completed form to the project manager. The project manager enters the change request into the backlog. The change request status is updated throughout the change request process as needed. The team review's the change request and provide an estimate for the suggested change
On approval the change will be scheduled into be made.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Services are managed by the supplier, we make sure that applications built on top the services are checked for vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Potential compromises are identified through robust data protection policies. A breach in security is immediately reported to the customer and plan to mitigate the threat. SLAs linked to the severity applies when responding to threats.
Incident management type Supplier-defined controls
Incident management approach Incidents are reported using the support system and routed to the appropriate member of staff to deal with it. The process is fully tracked and has detailed reporting to enable monitoring of incidents.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £70 to £200 per user
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑