Problem
Many companies want software agents, but they don’t want to move all their sensitive context to a public cloud without fine-grained control. Code, credentials, internal systems, logs, documentation, operational data, and regulated environments are not accessories. They are the ground where the agent has to work.
The announced collaboration between OpenAI and Dell in May 2026 points to this bottleneck: Codex needs to get closer to the hybrid and on-prem environments where critical data and workflows already live.
Thesis
The next enterprise leap of agents won’t be just more intelligence. It will be operational proximity: agents that work close to data, repositories, registration systems, security policies, and internal controls.
Codex on-prem is not an infrastructure note. It’s a maturity signal: agents are leaving the playground and entering enterprise architecture.
Framework
An enterprise agent needs five proximities:
- Proximity to code: large repos, history, dependencies, and conventions.
- Proximity to data: documentation, tickets, runbooks, analytics, and internal systems.
- Proximity to permissions: credentials, roles, approvals, and limits.
- Proximity to execution: tests, CI, staging, deployments, and observability.
- Proximity to audit: logs, diffs, tool calls, and reviewable decisions.
Mini-case: a healthcare company wants to use Codex to maintain internal software. The agent needs to read repositories, run tests, review incidents, generate changes, and prepare reports. But the environment’s data is regulated. Bringing the agent close to the governed infrastructure reduces friction and increases control.
Measurable signal: percentage of agent tasks that can be executed within approved environments without copying sensitive context outside.
Posture: the enterprise agent doesn’t win by being everywhere. It wins by being where the controls are.
Breathing: without internal context, the agent seems ready. With internal context, it starts to be useful.
What changes for medium-sized companies
Not all need on-prem. But all need to think about architecture:
- what data can the agent see
- where it runs
- what commands it can execute
- what logs it leaves
- what environments it touches
- what happens if it produces an incorrect change
The question is not “cloud or on-prem”. It’s what degree of control each workflow requires.
Common mistake
The anti-example is treating software agents like generic SaaS. If the agent doesn’t understand repositories, internal systems, security, deployment, and ownership, it only produces loose patches.
The challenge is not giving it access to more things. It’s giving it the right access to the right things.
Protocol (3 steps)
- Classify workflows by sensitivity. Public code, internal repos, customer data, regulated environments.
- Define runtime and permissions by level. Local, remotely managed, hybrid, or on-prem according to risk.
- Demand full traceability. Diffs, commands, approvals, tests, and rollback.
| Level | Where it runs | Typical use |
|---|---|---|
| Local | user’s machine | individual tasks |
| Remotely managed | devbox or approved environment | distributed teams |
| Hybrid | internal data + connected agent | enterprise workflows |
| On-prem | own infrastructure | sensitive or regulated data |
Related
- GPT-5.3 Codex: the day execution stops being the bottleneck
- MCP in enterprise: the standard that avoids agent chaos
- Rollback Design for AI Workflows: how to shut down automations without breaking operation
Consulted sources
- OpenAI and Dell Technologies partner to bring Codex to hybrid and on-premises enterprise environments
- Work with Codex from anywhere
Next step
If your software agents need to touch repos, data, and internal systems, first define where they should live. We can map it out in a diagnostic.
Translated from the Spanish original with AI assistance and reviewed for accuracy. Read the original in Spanish.