Secure app to server means that only the app can access information. This prevents anyone from outside the app gaining access to content including webapp. This should be on if abstracts are embargoed or if there is content that is proprietary
Note: If you have secure app to server ON, when you download the proof version of your app on iOS it will prompt you 2x for the username/password before allowing you to install the app onto your dev