OpenAI Brings ChatGPT Work to Office Tasks: 3 Security Checks for IT Teams - TechRepublic

OpenAI Brings ChatGPT Work to Office Tasks: 3 Security Checks for IT Teams

OpenAI Brings ChatGPT Work to Office Tasks: 3 Security Checks for IT Teams

OpenAI introduced GPT-5.6 on July 9, 2026, alongside expanded capabilities for professional and agentic work in ChatGPT. Image: Screenshot from OpenAI

OpenAI’s ChatGPT Work can operate across connected apps, files, websites, and desktop software. IT teams should review permissions, approval rules, and audit visibility before expanding access.

Jul 14, 2026
We may earn from vendors via affiliate links or sponsorships. This might affect product placement on our site, but not the content of our reviews. See our Terms of Use for details.

OpenAI launched ChatGPT Work on July 9, 2026, giving ChatGPT the ability to carry out multistep office work across connected apps, files, websites, and desktop software. The updated desktop app is available globally on Mac and Windows, while web and mobile access began with Pro, Enterprise, and Edu accounts before expanding to Plus and Business.

ChatGPT Work can retrieve company information, operate websites and desktop applications, move files, and continue scheduled work while a user is away. Those capabilities expand the systems ChatGPT can affect, requiring IT teams to review access, approvals, and audit coverage before broad deployment.

ChatGPT Work reaches deeper into business systems

Powered by GPT-5.6 with Codex technology built in, ChatGPT Work can pull information from email, calendars, messaging platforms, storage services, CRM systems, and project trackers. OpenAI’s ChatGPT Work announcement says the agent can also create documents, presentations, spreadsheets, analyses, and web apps from those sources.

The launch follows growing enterprise interest in stronger agentic capabilities and governance demands. IT teams should inventory every connected system and document whether each connection uses delegated employee credentials, a shared account, or a dedicated identity.

Access should be limited to the data and functions required for a defined workflow. Recent reporting on the enterprise AI agent security gap shows how broad permissions and weak visibility can create overlooked access risks.

Approval rules are the next control point. OpenAI says users and administrators can decide when the agent must request permission before acting. Organizations should initially require approval before it sends messages, edits shared files, changes calendars or business records, transfers data, or performs other consequential actions.

Human review remains important because warning labels do not reliably prevent users from trusting inaccurate AI output. The risk increases when an agent can act on that output through connected systems.

Scheduled Tasks also require scrutiny. They can run once, repeat on a schedule, respond to an event, or monitor for changes. Computer Use can click, type, and move files across desktop apps and the browser, increasing the impact of an incorrect instruction or excessive permission.

Logging and prompt injection shape the risk

OpenAI’s Compliance Platform provides Enterprise and Edu customers with logs and metadata that can connect to e-discovery, data-loss prevention, and SIEM tools. Administrators should confirm that agent activity is recorded with enough detail to support retention, investigations, and incident response.

OpenAI also says Enterprise and Edu administrators can manage access, connected tools, browser and network use, and sensitive actions. Those controls should be tested during a limited pilot against the organization’s identity, logging, retention, and data protection requirements.

The OWASP agentic-security framework identifies risks including goal hijacking, tool misuse, and identity or privilege abuse. Malicious instructions hidden in emails, webpages, or documents could redirect an agent or expose information. Narrow permissions, approval gates, and monitoring can reduce those risks.

NIST’s Generative AI Profile provides a voluntary framework for documenting risks, owners, safeguards, and testing procedures. It can supplement product-specific controls without replacing existing cybersecurity and compliance programs.

IT teams should treat ChatGPT Work as an automation platform rather than another chat feature. A controlled rollout should begin with narrowly defined workflows, limited permissions, approval requirements for consequential actions, and confirmed visibility across existing security tools.

Read more: A recent Claude Code espionage campaign shows how agent permissions, connectors, and enterprise data access can become part of a larger security incident.