Encrypting data at rest is a security measure that ensures that stored data is not easily readable or accessible to unauthorized users. It protects confidentiality by adding a layer of security that requires proper authentication and authorization before the data can be decrypted and accessed.