What are risks related to providing external access to TFS

In our company we use TFS for issues tracking. For now we are thinking to create a new project and made it accessible outside from company network for one customer (we will create a separate user for 开发者_如何学JAVAthat).

The biggest concern here is that we will create external access and it became potentially hackable.

Could you please share own experience for this case?

Do you know any useful information to read about TFS security that is related to access from outside network.

Thanks a lot. Any thoughts are welcome!

While you can technically put SSL on the TFS Web Services, the general best practice is to:

1) Require use of Team Explorer over a VPN connection

or

2) Implement Team System Web Access

Other thoughts would be to setup a tfs instance with a hosted tfs provider and then do some automation to provide work item replication. Do you intend the customer to be read only or will they update and submit?