You don't have to do anything special. In a clean install of GDE 2.5.x - adjust this appropriately if you've changed your available profiles - just add the usual GDE shortcode, but set the profile to "2" or "max-doc-security" like this:
[gview file="http://url.to/file.pdf" profile="max-doc-security"]
For added security you may wish to create a new folder using FTP, etc. to store all your otherwise "hidden" documents, and use that URL in the shortcode above. You can also increase security by blocking search engine indexing on that whole folder using robots.txt or whatever is appropriate for your server. But in general, just using this shortcode syntax will make the document inaccessible to the vast majority of users.
Hope this helps.