That is one very broad question!
In the simple case, IFS objects can be secured using commands such as Change Authority (CHGAUT), Change Owner (CHGOWN), etc. An introduction to this can be found in the Information Center article <a href="http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/rzamv/rzamvsecureifs.htm">Securing the integrated file system</a>.
The more complex case is when your system is connected to the internet and external users might be accessing your system. Again the Information Center is a good starting point with topics such as <a href="http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/rzaiq/rzaiqrzaiqimplement.htm">Securing FTP</a>, <a href="http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/rzamv/rzamvtcpsetupsecurity.htm">Setting up TCP/IP Security</a>, and so on. I would suggest starting at these links and then looking at their parent topics to see what else is available.
When setting permissions for the IFS there are a couple of different ways. You can go through iSeries Navigator and Click on File Systems, Integrated File Systems, right click on Root and you can set permissions and you can drill down in Root to the other directories and do the same thing, as well as sharing. The other way is to do the WRKLNK, from an iSeries command line, and take an option '9' to set permission. You take an option '5' to drill down and can take an option '9' on any directory to set permissions.