
A client uses a big company for email control. A feature is encrypting, mainly, documents when they are sent (web-portal based, to access them).

I was under the impression that sending an email out would be unprotected till it hit their servers to actually encrypt the file and send the link. Their live chat person said that using TLS/SSL when sending out was sufficient to keep the information secure.

Am I correct to believe that this is only for the credentials?

Jason
  • Keep the information secure _from whom_? – Siguza Apr 23 '18 at 22:36
  • Possible duplicate of [TLS encryption email](https://security.stackexchange.com/questions/136512/) and [End-to-End (Point-to-Point?) Email encryption](https://security.stackexchange.com/questions/98293) – Steffen Ullrich Apr 24 '18 at 04:30

1 Answer


No it is not.

You have at least 5 parties at play here, the sender S and their email server T, the recipient R and their email server Q, and an attacker. While TLS does use encryption, the purpose of 'encrypting email' is to prevent anyone but the recipient from reading the message. TLS only protects the message from prying eyes in 2 cases:

Case 1: between the sender and their email server, and between the recipient and their email server (S to T and Q to R)

Case 2: server to server message transfer (T to Q)

Note that once the message arrives at a server, it is no longer encrypted; an attacker with access to either server can read the message. This attacker can be in the form of a system administrator or malware. Proper email encryption is done at S so that only R can decode the message; this is generally done using hybrid encryption and public key infrastructure. Neither T nor Q can see the plaintext in this case.

Your example is slightly different: where you are using a web portal to send your file, it is encrypted with TLS up to the point where it reaches the service, then it is plaintext, and they re-encrypt it so that only the correct authenticated user (I assume) can access the file. If the attacker has access to that system, they have access to the files. In this case the service is both T and Q.

Richie Frame
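The S, T, Q, R model from the answer, as an added simulation (not part of the answer or of any real mail product): each hop S→T→Q→R is protected on the wire by a per-link key standing in for TLS, and the link is decrypted on arrival because TLS terminates at each server. The cipher is a constructed HMAC-SHA256 keystream stand-in, not a real TLS or hybrid/PKI scheme; `relay()` returns what each party holds so you can compare transport-only protection with end-to-end encryption under R's key.

```python
import hashlib
import hmac
import os

NONCE_LEN = 12


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Constructed demo cipher: XOR with an HMAC-SHA256 counter keystream.
    # Stand-in for TLS / hybrid encryption only; not for production use.
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    return nonce + keystream_xor(key, nonce, plaintext)


def decrypt(key: bytes, blob: bytes) -> bytes:
    return keystream_xor(key, blob[:NONCE_LEN], blob[NONCE_LEN:])


# Per-link keys play the role of the TLS session on each hop (constructed).
LINK_KEYS = {("S", "T"): os.urandom(32), ("T", "Q"): os.urandom(32), ("Q", "R"): os.urandom(32)}
# R_KEY stands in for the recipient's key pair in the hybrid/PKI scheme (constructed).
R_KEY = os.urandom(32)


def relay(message: bytes, end_to_end: bool) -> dict:
    """Send message S -> T -> Q -> R; return what each party and each wire segment holds."""
    payload = encrypt(R_KEY, message) if end_to_end else message
    observed = {"S": message}
    hop = payload
    for a, b in [("S", "T"), ("T", "Q"), ("Q", "R")]:
        wire = encrypt(LINK_KEYS[(a, b)], hop)     # protected on the wire (TLS-like)
        observed[f"wire {a}->{b}"] = wire
        hop = decrypt(LINK_KEYS[(a, b)], wire)     # TLS terminates at b: b holds `hop`
        observed[b] = hop
    observed["R"] = decrypt(R_KEY, hop) if end_to_end else hop
    return observed


def can_read(observed: dict, party: str, message: bytes) -> bool:
    """True if `party` (S, T, Q, R, or a 'wire a->b' segment) holds the plaintext."""
    return observed[party] == message
```

With `end_to_end=False`, T and Q hold the plaintext even though every wire segment is protected; with `end_to_end=True`, only S and R do.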