I think adding security is always a good think. I think your question is a little to vague however to know how to answer. Initially you will probably get 400/500 type error when trying to access you rest endpoints or web pages. In general terms, I would think you would want to have a SSL cert and use port 443, and using a proxy. GitHub - Esri/resource-proxy: Proxy files for DotNet, Java and PHP.
You may want to look through this site for more info Trust | ArcGIS which talks about security strategies for the different products.
