You can verify via the SEE Admin/User client or from the Manager Computer/Console if a disk is encrypted or not. The state of encryption isn't specifically linked to the authentication options you choose.
As far as your implementation goes (full disk encrypted endpoint machine with automatic authentication) the drive itself is encrypted, so is protected from attempts to read/manipulate the drive with other bootable utilities, password crackers that boot from CD/USB, and anything else that doesn't have access to the keys. But because it boots straight into Windows, you are essentially reliant upon the security of Windows itself. Once it's all up and loaded, it has the same exposure as a normal Windows machine and is open to all of Windows vulnerabilities and attack vectors.
It sounds like you may want to switch to requiring authentication, and enabling single sign-on. This means when a encrypted machine is started it boots straight into the hardened pre-boot auth environment, but will then load straight into the profile of whichever registered user logs on. This is normally the recommended auth option.