Using Windows permissions, set the permissions on folders, files and drives for this new user account to be as restrictive as possible while still allowing the server enough permissions to run. After carefully determining which files and folders your users will need to access, gradually increase the permissions.
Windows NT permissions can be edited through the Security tab in the Properties of an object (such as a folder or file object in Windows Explorer). On the Security tab, select the Permissions button to display and edit the permissions for the object. The appearance of this window is slightly different for files and directories and for different versions of NT (W2K, XP, etc.).
Keep in mind that you have the option to grant or withhold read and write permissions. Read-only permissions are the most secure. They allow users to access a file, but not to change it. For example, most users will need limited read access to the Windows folders (C, WinNT). However, most FTP Servers will not need any access to these directories at all.
In addition to the individual permissions, Windows NT also provides access levels that are simply pre-built sets of the existing permissions. Typically, you will assign an access level to a user rather than specifying which individual permissions they are granted. One such access level is called "No Access." It does not contain any permissions.
Please refer to the Windows Help documentation for your specific operating system for more information on setting permissions on folders and files.
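The read-only, least-privilege setup described above can also be applied and checked from a script. The following is an added example, not part of the original text: it assumes a Windows version with PowerShell, and the account name `FTPHOST\svc-ftp`, the folder `D:\FtpRoot` and both function names are hypothetical placeholders.

```powershell
# Added example. Account name and paths are placeholders (assumptions), not values from the page.
$Account   = 'FTPHOST\svc-ftp'                       # hypothetical account the FTP server runs as
$FtpRoot   = 'D:\FtpRoot'                            # hypothetical content folder
$OffLimits = @($env:SystemRoot, $env:ProgramFiles)   # folders the server should not need

# Rights that let an account change content or its security settings.
$WriteMask = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'

function Set-ReadOnlyAccess {
    param([string]$Path, [string]$Identity)
    $acl = Get-Acl -LiteralPath $Path
    # Remove explicit entries that already name this account, then grant read-only access
    # that is inherited by subfolders and files.
    $acl.PurgeAccessRules([System.Security.Principal.NTAccount]$Identity)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList `
        $Identity, 'ReadAndExecute', 'ContainerInherit, ObjectInherit', 'None', 'Allow'
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $Path -AclObject $acl
}

function Get-WriteCapableEntry {
    param([string[]]$Path, [string]$Identity)
    foreach ($p in $Path) {
        # Report every Allow entry naming the account that includes a write-type right.
        # Entries granted through groups (Users, Everyone, ...) are NOT covered here
        # and have to be reviewed separately.
        (Get-Acl -LiteralPath $p).Access |
            Where-Object {
                $_.IdentityReference.Value -eq $Identity -and
                $_.AccessControlType -eq 'Allow' -and
                ($_.FileSystemRights -band $WriteMask)
            } |
            Select-Object @{n = 'Path'; e = { $p }}, IdentityReference, FileSystemRights, IsInherited
    }
}

# Start restrictive: read-only on the content folder.
Set-ReadOnlyAccess -Path $FtpRoot -Identity $Account

# Then verify: any row printed here is a write-capable entry that should be justified or removed.
Get-WriteCapableEntry -Path (@($FtpRoot) + $OffLimits) -Identity $Account |
    Format-Table -AutoSize
```

An empty report means no entry names the account directly with write-type rights on those folders; inherited entries that survive the change appear with `IsInherited` set to `True` and must be fixed on the parent folder.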