It is highly recommended that you configure Secure Sockets Layer (SSL) for IIS, so that HTTPS can be used to secure the connections between the client and IIS.
For how to configure SSL on IIS, refer to https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis.