Sql server 2005 security

Hi everyone I keep running into security management issues while setting up sql server 2005 reporting services. The following is my setup. I am running iis and sql server 2005. I want to provide reporting services to all my clients via the public internet. I have about 40 different customers and i want each of them to have access to their data and their data only. In other words when I send them to myserver/reports and they log in i want each customer to only see his reports. I have two virtual directories reports and reportserver. What should the setting be in iis to allow the above scenario. Should i enable annonymous access if yes what should the user name and password be. What kind of authenticated access should i choose. Once this is set up what are the steps or how should i set up the security in myserver/reports so that each user has rights to only his info. Should I use basic windows authentication or should i use something else?

I hope someone can help me this very confusing and frustrating.  Thank you in advance.