> What security risks does email encryption at rest mitigate?
It prevents plain text emails from being readable if someone physically steals the hard drive from the email service providers server.
It also protects plain text from being readable if the service provider retires the drive without sanitizing it before dumping it in the trash, leaving it out on a desk, or sending it to a computer recycling company that doesn't properly destroy it.
Any example where an unauthorized person gets physical access to the drive fits here.
> Once they have your credentials and can unencrypt your emails anyway, what does it matter?
Different things, having your username and password doesn't mean a bad guy can decrypt an encrypted hard drive.
|