When you first set up the course, it is wide open to the entire world. You can restrict access in a several different ways:
You can make the entire course password-protected. To do anything, students will have to enter a login name and password you give them.
You can make areas containing information that identifies students password-protected. I prefer this option because I like for teaching methods to be open so that we can see how we all are doing things.
Right now, I would be the one to manually set up your preferred password protection for you. I've not found a reliable way to do this using the framework of the course setup. There is likely to be some clever way I have not thought of yet. For example, it would be possible to get passwords from you the teacher and set up the structure for it. Then you just upload a special file to each area you want to protect. More later . . .
Your teacher data area must be protected: it contains your gradebook if you choose to use that option. It also contains student questionnaire information and e-mail addresses. The setup program will take your teacher-only pasword, create the encrypted version, and upload it properly.
What about the student home directories?