If you ask me, you have a bigger problem.
The mere fact you can access your Time Machine backup from a public hotspot means that ANYONE can.
The issue of whether Time Machine is using a secure vs. insecure connection back to your server is an important one, but the fact is that your server is constantly accessible to the internet and anyone can it hit at any time, not just at the time you're backing up. That means all your data is as secure as your password (which probably means - not a lot).
A VPN is, by far, the preferred solution, and don't expose your data to the outside world.