What is the point in AWS S3 Server Side Encryption?

Question

Can someone explain what is the idea behind server side encryption on AWS S3? What are we protecting with Server Side encryption? From whom?

If someone gets access to my account, this encryption is of no use - because the user will always get the decrypted data. And without access to my account, un-encrypted data is as safe. Are we protecting the data from a potential hacker who gets backend access to my S3 bucket? That comes under "Security of the cloud" and is AWS responsibility! Why should I pay for it?

Am I missing a point here? Can you please explain?

Answer 1

Why should I pay for it?

S3 encryption is free, unless you are using KMS. Other than that, you may be required by law to store data encrypted at rest. For example if you want your project to be HIPAA-compliant (medical data), you must store your data in the encrypted form. There may be many other local or federal requirements that you must comply with in terms of encryption.