We would like to be able to “notify” a user when sending out data such as SSN’s, which are defined in the data identifiers. Currently we have a network policy to create incidents when that data is sent, but we want to change that so the user knows that they are sending out confidentialy/protected data. My understanding, and according to Symantec support, the network policy cannot have a “notify” box as a response rule, is that correct? What are my options? Can I change the policy to run on engpoint to accomplish this?