NAV 2013 R2 Publish web services - authentification

I have NAV 2013 R2 instance with Windows credential type. With this, I am configured Web Services (OData and also SOAP) and published it. Inside the company (site) I am authorized by Access Directory, and all is OK.
Is true, that for another computer (not server) was necessary set NAV site as intranet group and also set “Use NTLM Authentication” at NAV Administration for an instance. But all is OK.

My question is, if I will publish web services link to internet (outside of the company), for B2B… How safety set authentification for third party services which not available AD.

Access Key for SOAP is only for NavUserPassword or AccessControlService authentication. And combine credential type is not possible. Or not?

Any best practices ?

Thanks for answer!
Regards Z.