Honestly, I'd think about a 2-part solution.
The visible-to-the-world part would be a password-protected page on their website with a single button that said something like "OK to Run Process X after <datetime>", and when clicked that button would update a single file with any relevant information you wanted logged - the only important part being the date/time on the server and maybe not even that as long as the file gets modified. Basically, a most-recent-visitor date/time stamp, which can probably be gotten from the last-modified time of the file it's put into.
The internal server part would be a script scheduled to run every 5 minutes or so that would attempt to retrieve that file and look at either its contents or the last-modified stamp, and if it's newer than the last time processing was done then trigger processing. If using Powershell, I'd look at some of the things discussed in
https://stackoverflow.com/questions/20259251/powershell-script-to-check-the-status-of-a-url, but it could be in something else.
You could also do something involving email messages to a private email address, plus something scripted to check for messages periodically and download them, triggering processing any time an appropriate message arrived.
Heck, if they're using any kind of shared document system, set up a watcher for new files in a relevant directory.
Basically there are a ton of ways to do this based around triggering on conditions rather than on having someone execute commands via some kind of remote access, and triggering on conditions is likely to be a lot safer.