True, but I read a big distinction between "encrypted at rest" and "encrypted on the server". Encrypted at rest has the implications that you state, being there to prevent somebody from walking off with a hard drive. Encrypted on the server implies that it is never unencrypted while on the server, and that any server-side computation is done solely through homomorphic encryption.