No disrespect to your 2 Mbit connection (wish I had 2 Mbit here!)... just that your hardware requirements will be substantially lower than you'd need for a backup solution for a corporate LAN.
Hardware: Dual-processors will likely be wasted in this application. File transfer with encryption over a 2 Mbit line for a handful of simultaneous users will not place heavy loads on a processor. I'd look at regular x86 (AMD or Intel) hardware for this - anything faster than 1 GHz should be fine. A UPS for each box is essential. A rackmount case with 5 x 5.25 bays for removable caddies, desirable: http://www.dealtime.com/xPP-PC_Cases...rack_mountable
Security: Iptables and regular security updates for your distro.
Interface: For Windows or Linux, or both?
Connection: Ideally this would match the bandwidth of your fastest customer.
OS Setup: Use what you know. Think in terms of redundancy - RAID 1 will cover you for single drive faults but if your primary fileserver develops a power supply or ethernet fault, do you have a backup server ready to switch in at a moment's notice? rsyncing to another on-site box, even a low spec with IDE drives, will give you one up-to-date backup server you can switch in with a quick change of interface ip address while you repair the primary. Do you have a backup router and switch?