This is one of those "it depends" questions. All of the distributions mentioned work quite well, and all of them can be used for the applications mentioned. Which you should choose depends greatly upon whether these applications represent all that will be run or just a couple examples of a larger number of applications. More crucially, which you should choose also depends upon the experience level of the administrator and how much time he/she has to devote to administration.
Gentoo offers a great deal of flexibility, as it is usually compiled from source code rather than installed from binaries. It has a large number of up-to-date features, but can require tweaking by the admin. Debian, on the other hand, is typically installed from binaries, but does not focus on the latest-and-greatest features. It has a good track record of fixing bugs very quickly, so can address security issues rapidly.
In terms of security, I don't feel there is significant difference in these distros "out of the box." Each should be installed and configured with security in mind to best ensure safety. A good resource to help in this effort is John Terpstra's Hardening Linux (McGraw-Hill, May 2004).
Most important in terms of selecting a distro is the use of the Linux box and the experience level and involvement of the administrator. Both Gentoo and Debian offer great tunability, but they are not as easy to install and administer as the Red Hat or SUSE distributions. Put another way, the latter two distributions are designed to require little tweaking to get a workable system up and running.
From the way the question is put, it sounds like this machine will have specific business uses and will only have part-time administrator attention. Given those assumptions, I recommend that a distribution that requires little install work and ongoing administration post-installation be selected. The obvious choices are Red Hat and SUSE. If you prefer to go with either Gentoo or Debian, I would point to Debian as requiring less effort for a machine used for straightforward business purposes.
This was first published in September 2004