It depends on your situation. If the network traffic between your SAS clients and SAS servers is going over the public internet then I would say it is a definite risk as without it some SAS traffic is not securely encrypted and is open to hackers.
On the other hand, if all of your SAS network traffic runs on a protected company intranet or over secure VPN links then it is less of a problem. Having said that, there is a strong trend in many organisations to encrypt all network traffic regardless of where it flows. The idea is that you should have multiple layers of security in place, so it is less likely that hackers will be able break all of them.