Encryption on self-hosted environments

I always read that the encryption doesn’t make sense if the data is on the same host as the NC server application, because the encryption key is also stored locally.

My question is, how easy is it to get the key? Does the encryption really doesn’t make any sense? If someone has access to the data directory does he also have access to the key automatically?

I think this post sums it up nicely. Server-side encryption & file sharing