I know there are ways -e.g. when tracing a port, to gain this info still:
I haven't seen a case where there was a good reason for not encrypting NRPC in at least 10 years. On the other side, I am still running into Admins not really aware that someone in the next office in many cases could be reading the bosses mails, too, if this is not done. Therefore:
I think a Server should write on start up into its log if there is unencrypted aktive ports.
Additionally if the Admin Client is starting (or changing the server) this should be visible clearly too (maybe a dialog to click away, or a traffic light symbol at a dominant place or something).
Given the Let's encrypt integration in V12, there is rooms for similar Info for oter Protokolls (HTTP(S), SMTP - basically anything that is switched on).
(I know real live is somewhat more complicated, e.g. if both http and https is allowed - or http task not running at all.- Maybe this a yellow instead of a green traffic light situation or something).