Your best security option is to set up sharepoint with an ssl certificate and have external users connect by https. They will be required to provide credentials. Yes it will use active directory for authentication. This will secure your site from unauthorized users.
Please review my blog entry about <a href=”http://itknowledgeexchange.techtarget.com/it-trenches/alternatives-to-e-mail-attachments/”>Alternatives to e-mail attachments – SharePoint is risky!</a>. I would recommend reviewing the document <a href=”http://cxolyris.cxomedia.com/t/2738521/795826/30002/0/”>Why Security Pros Hate Microsoft Sharepoint</a>.