Windows 7 - NTFS Security for external drive Sync

I have a laptop and a desktop which are both running Windows 7 Ultimate. I have several software packages that generate large amounts of data (450GB +) on both machines. I primarily keep the data in "My Documents" (Libraries) on the desktop, but I also need to edit it from the laptop almost daily when I'm away from home.

The laptop drive isn't large enough to hold all of the info I have in "Libraries" so I store data on the external drive and synchronize it (using Alway Sync) with my desktop PC almost nightly.

In order to allow the laptop and desktop to both access the data, the top level security for the external drive is set to "Everyone" "Full Control".

I would like to know how to set up the security so that I can edit any file on the external drive from either the laptop or the desktop, but so that if I hand a buddy the drive so they can copy things, they can only access a single top level folder that I put shared files in.

In other words, I will have two folders in the root of the external drive. One called "Narnian's Docs" and the other called "Shared Docs". Everything I normally keep in "Libraries" on the desktop goes in "Narnian's docs". If I want to give someone at work a file, I copy it to "Shared Docs". They can read or write to "Shared Docs" but they can't open "Narnian's docs" without taking NTFS Ownership.


What is the "correct" way to set up the security for this drive?