While exploring how File Storage = File System and observing the content of the directory
http://www.example.com/directory_of_FO/upload I realized that an index.php or index.html (or other mechanisms available) didn't exist to prevent browsing to that folder.
Since emails appear to be stored in the contents of ../upload/ and could be read by other savvy employees, and since unintended directory browsing is just bad form IMHO, I offer the following to those who may have similar concerns:
Use an editor to create the following code snippet in a file you call index.php in any otherwise unprotected directory:
<?PHP header("Location: http://www.example.com/yourFOdirectory/"); exit ?>
Now, when someone points their browser to
http://www.example.com/yourFOdirectory/upload they will simple be redirected back to the root of the FO directory.
Cheers.