Here are some thoughts:
1) You can create a set of permissions for a type of user using roles. Though you are still dependent on the trust you have of your outside consultants. When they join the project they will download the entire project and associated libraries to their machines. No matter what role they have (even view only) they still can Save As to a pln and then use the PLN as they desire.
2) You might consider requiring that the outside users limit their work to certain layers, but this cannot be enforced, but it helps monitor changes (as long as everyone follows the policy)
3) You can also use hotlinks as a way of isolating outside consultant work. As long as you restrict your other projects to limited access, you can leave open certain teamworked hotlinks that are linked into a main project. Here you also limit what the outside user can download.
4) You can share some data from projects that are in general private, by setting up views and publishing mods of those views. These mods can be hotlinked into the "public" project for reference and thus in this fashion will not compromise private data while still providing necessary reference data to the outside consultants.
In the future Graphisoft is planning on enhancing the feature set in this area since it is often requested by our teamwork users.
Hope this helps,
Graphisoft Technical Support
