If you have nothing to hide, then you have nothing to worry about!
I think you answered your own question. Seriously, tho. The answer to your question is "It Depends". If your situation is that noncritical data is flowing between a client and server on an intranet you may not have to secure the connection. Now if you are transmitting medical data including insurance numbers, diagnosis, credit card #, names and so on across the internet, you will definately have to secure that connection. The reason why you don't see much on the internet about securing connections to EJB's is probably that the most common use of EJB's is to back up a web site or service, so securing the connection is a web server task (usually using HTTPS).