With companies looking to understand their customers as completely as possible, today’s Customer Relationship Management (CRM) software challenges bear almost no resemblance to the CRM issues of even ten years ago.

So what has changed so much about CRM, exactly?

As recently as 2005, it was almost entirely about a customer’s purchase history. While that is still a critical part of CRM today, other elements are growing an importance. For example, companies are trying to understand what a shopper was considering purchasing — or at least, starting to consider. That is measured by clicks and how deeply someone pursues a purchase possibility. Did they click on a link? Look at a demo? Experiment with different size and color options? Look at a review? This is all critical CRM data in the new world of work.

Let’s talk mobile

But all of those data points have been available — depending on your traffic analytics software — since the earliest e-commerce days, dating back to the mid-90s. Mobile and wearables have brought oceans of additional data to businesses, such as geolocation (which display or shelf were they standing in front when they clicked?) and physical duration (how long did they stand next to that product before opting to walk away?). This could telegraph the level of interest.

Mobile provides a lot of direct data, but it delivers far more by interacting with other devices in-store, such as beacons. Some stores use mobile identification numbers as makeshift shopper identifiers. Sometimes they’ll use cutting-edge audio devices to broadcast one commercial’s audio to one shopper and another audio commercial to someone standing four feet away. Then, there are the ever-so-crafty eyeball-tracking in-aisle video cameras, which can even guess the exact area a shopper is looking at.

Getting to know you

As databases get integrated, the much ballyhooed single-view-of-the-customer is slowly becoming reality. This allows retailers to link every mobile action, with every in-store action, with every Web action, with every call to a call center — all of which gets layered on top of social media information. (Did this shopper just lose his job? Or did she get a raise? Has the shopper recently complained about a problematic appliance and might be in the market for a new one?) Car dealership salespeople have been known to do extensive social media searches about active prospects, seeking clues for how far to press pricing negotiations.

Got data? Enter analytics

When seeking to understand customers as completely as possible, all of this data would seem to be a good thing. And for the most part, it is. But as any database administrator will confirm, the goal in finding any particular answer (what will it take to sell this turquoise shirt the most effectively?) is made more difficult the more data that the analytics systems must review. To be fair, the more data it has to review, the more likely the final answer will be more accurate. But it will still take more time. Also, the more data to be reviewed, the more misleading or inaccurate data that is likely to exist.

Think of it like a police investigation. Having 500 pieces of evidence is going to make for a much better case, but it is still going to take a lot more effort to review.

Defining data accessibility

Once the system is fine-tuned and generating reliable & useful answers, an even more daunting decision crops up. Who should — and shouldn’t — have access?

A surprisingly large number of companies tend to get both of those answers wrong, denying access to large numbers of employees who need it, while granting access to many who don’t. Both are harmful, but for very different reasons.

Let’s start with who needs access. The answer should be anyone and everyone who has direct contact with customers and who needs to make decisions about such interactions. In a retailer, for example, a sales associate would need access but a cashier wouldn’t. A store manager would need access, but someone stocking the shelves wouldn’t. One often overlooked group of employees who need access would be Loss Prevention. If you want them making decisions about who was really intended to shoplift and who truly forgot an item in the self-checkout lane, don’t you think being able to access shopper history would be a good thing?

The problem today is that CRM access is often granted to a staggeringly tiny percentage of the people who need it. How often have you called into a retailer’s call center and had to re-explain the same problem? Even worse, how often had you had to re-explain a situation in the same store, but to a different associate? Or in a different store in the same chain? What if every one of those associates could review every activity that shopper had taken with that company — along with notes of every prior interaction with an in-store employee? Would you not be more inclined to stay with that retailer?

Now let’s look at who should not have access. The world of cybercrime has advanced significantly in the last few years. Why steal a payment card number when stealing that shopper’s identity delivers access to everything they have? With a stolen identity, the thief can create new payment cards that the consumer won’t know about it — until the bill collectors come calling.

For these identity thieves, CRM files are pure gold. The most basic security process is that the more copies of a database that exist — and the more people who are granted full access to it — the more opportunities there are for the identity thieves. Does HR, Payroll or the CFO’s office need access? No. Warehouse employees may need full access to item-level RFID data, but they don’t need intimate details about customers.

Final thoughts

CRM analytics are extremely useful, but only if a retailer seriously plans on using it. Some retail segments — grocery is the quintessential example — have little intention of sending customized promotions to shoppers or to otherwise market to them individually. For them, mere basket analysis (looking at all purchases in aggregate, with all shoppers treated anonymously) is a more cost-effective approach.

The truth is, though, that no companies in 2015 should ignore CRM. Data privacy sensitivities are melting away with increasing mobile devices. To be more precise, privacy concerns are not melting away as much as morphing. People will often say — and it’s true — that they are just as concerned about privacy as they ever were. But how they define privacy is sharply changing. And therein lies the opportunity.

Are you providing the best experience for your customer base? It’s time to focus on customer acquisition and retention.