There's nothing wrong with storing emails in plaintext. Even if accessed they don't allow the attacker to access the accounts (provided the authentication works correctly). There's no reason to encrypt them unless you have some very specific requirements we don't know about.
If you want to secure your database in general:
- read the database documentation
- if you have multiple services / scripts accessing the data, make sure they have separate accounts and have access only to the data they need to access
- make sure your database backups are at least as secure as the database itself
- limit the source hosts (possibly when setting up users) for the accounts to only allow connections from your web frontend, or if you're running on the same host maybe you can disable everything apart from loopback (bind the database to 127.0.0.1)
- ... loads of other things are possible, but start from the basics... you'll find more ideas in the documentation, I'm sure