The unique data that makes up your company is held in a repository called the Integrated File System. Everything else that makes up your IBM i system (such as the software that makes the system work) is also held in this file system. Parts of this file system can be shared with systems such as PCs so the PC user can work with the data.

This file system is like a tree, with a root and main trunk which leads on to major branches which lead on to smaller branches and so on. If you cut off a smaller branch, the damage to the tree is minimal; if you cut the tree at the trunk you kill the whole tree.

Protection of the Integrated File System is quite similar. You must ensure that you only allow certain users access to the file system (you control who has access to the tree). And you must also ensure that those users who need access to the file system can only work with the parts relevant to their job (you control which branches can be accessed).
Too often we see file system shared as a whole and available to everybody. This is a significant security exposure that is quite easy to fix by reconfiguring the level of file sharing and using Netserver controls to limit the users allowed to access the shares.