Sophos Central Endpoint Protection - Application Policy Status "bypassed"

Question

Slider states:

Policy is bypassed 
 None of the settings of this policy will be applied to assigned targets. They will get their settings from the highest priority policy they are assigned to and which is not bypassed. If you want to deactivate a specific setting, you need to re-enable this policy and set the relevant setting to off in the settings tab.

Does "Bypassed" mean disable this policy? 
 Since the Base Policy is last (bottom) Enforced. How would only allow the application policy eg "Dropbox" allow for certain users, but linking the Base policy (and not cloning the base, which would result in duplicate settings having to adjust both policies if base policy were adjusted) that has "Dropbox" blocked.

GlennSen · Answer

Hi There, 
 Thank you for reaching us. Kindly refer to the below answered for your query, 
 
 Does "Bypassed" mean turn off this policy? Yes, you&rsquo;re right. Selecting Bypassed means that you&rsquo;ll Bypass the whole policy setting you've created, and the endpoints will get the based policy settings on your central. 
 Since the Base Policy is last (bottom) Enforced. How would only allow the application policy, for example, "Dropbox" allows for certain users, but linking the Base policy (and not cloning the base, which would result in duplicate settings having to adjust both policies if the base policy were adjusted) that has "Dropbox" blocked? - This isn&rsquo;t possible since the on-based policy is being set as automatic enforce all the settings you created for the said policy by default and can't be overridden. For your desired set-up It would be better to created/duplicate the said policy and add the specific users/computer to the policies. Let say for example, on default policy, you&rsquo;ll set allow "Dropbox" then add the users who need access to it and on the duplicate policy, you set to block "Dropbox". In this case, it&rsquo;ll help you manage your policy much easier.