Windows authentication access for unknown user

I need to publish a report (generate from excel) as web page to a specified
customer on existing running web server (IIS 5.0). Now I do the following
procedure to publish it.

1. create a directory "Progress" and share as web
2. create user from local computer for that customer
3. assign only read to the directory for this user only.
4. From IIS, directory security > disable anonymous and enable "integrated
windows authentication"

When the customer access http://www.testing.com/progress, it will prompt for
username and password.

Is there any risk to let customer access webpage through windows
authentication since I don't know wirting web page skill.