The easy path is to be very lenient. Offer access to anyone receiving the E-mail announcing the event. If that person posts the URL and perhaps the password—for that one event—on Facebook, Twitter and LinkedIn accounts, let it happen. So the audience is somewhat diluted. If those others buy stuff while attending the event, what’s the harm?
The intent of an invite-only event, however, is to be able to control the attendees, perhaps to reward excellent customers. More likely, though, the invite-only approach is to lure a very lucrative small subset of your audience to a virtual gathering where you can flood those people with highly targeted promotions. Maybe a key supplier wants to pay you for access to that subgroup?
If those issues are key, then you'll want to strictly manage access. To supplement the obscure URL and password, perhaps an IP address verification? Or maybe tell attendees that the password can only admit one person, so sharing it will defeat the customer's purpose. (Unless they choose to not go and to give it to a non-targeted friend.)
Once you have cleared those authentication issues, the psychological and marketing benefits are substantial. Such invites—if strictly managed—suggest exclusiveness and prestige. Managed correctly, this approach could be a powerful way to sell higher end items.
But from a CRM standpoint, this is a gold datamine. You already presumably know exactly who is in the room and precisely what they're looking at. Because they've signed in, they're more likely to stay longer; they've already lost their anonymity.