The reason multifamily real estate investors have never shared operational-security data with their LPs is a privacy boundary. This guide is about how it moves.

Because every path to the underlying data went through raw footage. A property manager could pull a clip from the DVR, but the clip carried identifiable resident video, which a GP cannot ship to an LP, a lender, or a broker without a privacy review and a redaction workflow. Without a redacted shareable artifact, the only thing an investor could put in a quarterly report was a sentence like 'cameras are installed and operational.' That sentence is a qualitative claim, not a KPI. Cyrano changes the shape of the artifact: the data that leaves the property is already redacted at the edge, so what lands in the quarterly packet is a count of normalized events plus, where necessary, a 480 by 270 pixel thumbnail keyed on tile.label and a timestamp, not an identifiable video clip.

Tier 0 is the raw continuous footage, which lives on the DVR exactly where it has always lived, and never crosses the property boundary. A 16 camera property produces roughly 10 TB of Tier 0 footage per month. Tier 1 is the indexed event row plus the 480 by 270 JPEG thumbnail, which live on the Cyrano edge device in the same closet as the DVR. A typical 16 camera property writes approximately 150 MB of Tier 1 data per month. Tier 2 is the aggregate counts, which ship to the portfolio dashboard over the property's existing internet connection. Tier 2 is approximately 2 MB per property per month. The three tiers differ by a factor of 10,000 in volume. That spread is what makes the architecture shareable: the layer the investor shows to an LP or a lender is a million times smaller than the layer that could cause a privacy problem, and it is the only layer the LP ever sees.

Per property per day, a row that looks roughly like: property_key, date_utc, indexed_events_count, events_by_class, resident_days, indexed_rate_per_1000_resident_days. Across 30 days and 30 properties that is 900 rows of at most a few hundred bytes each. The property_key is a pseudonymous slug like oakridge-312, not an address. Event counts are integers. The ratio is a float. Nothing in the Tier 2 payload names a resident, names a unit, or references a specific frame of video. Nothing in the Tier 2 payload requires a privacy review to include in a report or a data room. The entire Tier 2 volume for a 30 property portfolio fits in an email attachment.

The thumbnail exists so that when an investor, a property manager, or a legal team needs to visually confirm what an event_class label means, they have a picture to look at without having to unlock the DVR for full video. 480 by 270 is a 16:9 downscale of a standard multiview tile. It is small enough to be roughly 18 KB as a JPEG, which keeps the Tier 1 storage footprint under 150 MB per month for a busy property. It is large enough to resolve a person's presence at a gate and a vehicle's lane position, but small enough that facial identification against a general database is unreliable. The resolution is a deliberate balance point, not a leftover default. That balance point is what makes the thumbnail safe for the property-manager's incident log but not useful for the kind of indiscriminate surveillance analysis that would create a privacy exposure.

Yes. The aggregate that lands on the portfolio dashboard is enough to compute indexed incidents per 1000 resident-days per property per day, which rolls up to a portfolio-weighted rate across the hold period. A multifamily real estate investor with 12 properties can read one portfolio-weighted number on the same dashboard as portfolio-weighted occupancy, rent growth, and NOI per unit. Drilling into a property gives 30 to 365 daily aggregates, a ranked tile.label breakdown, and an hour-of-day distribution. If any of those drill-downs surfaces a question that needs a visual, the paired 480 by 270 thumbnail is pulled from Tier 1, not from raw video. The drill stops at Tier 1 for every stakeholder except the on-site property manager, who still has Tier 0 access the same way they always did.

Three surfaces, three redaction levels, one source of truth. The on-site property manager keeps the DVR UI they have always had, with full Tier 0 video for forensic review. The GP or asset manager sees Tier 1 in the Cyrano dashboard: event rows, tile.label filters, hour-of-day charts, and a gallery of 480 by 270 thumbnails for context. The LP sees Tier 2 only: the aggregate counts, rolled up to the portfolio level, with the ability to drill to per-property daily aggregates but not to individual events or thumbnails. Each stakeholder gets enough to do their job and nothing more. A data request from the LP to the GP used to require pulling a clip, reviewing it for resident identifiability, and redacting it. Under the three-tier model, the LP's dashboard is already at the right granularity, and there is no clip-pulling request in the first place.

No. Cyrano does not change the legal framework around video surveillance at a multifamily property. The DVR still retains video under the same retention policy the property already has, and the property still has to provide the same tenant notices it has always provided. What the architecture changes is the chain of custody for operational-security data that leaves the property. Tier 1 thumbnails are not retained beyond the operational event window, Tier 2 rows do not contain identifiable information at all, and no raw continuous video ever leaves the property under the Cyrano pipeline. A privacy counsel reviewing a multifamily portfolio's operational-security reporting program will find that the boundary between what is inside the fence and what leaves the fence is drawn at the edge device, not at the cloud.

Approximately 2 MB per property per month, spread across the month. At the peak of a daily roll-up that is a few hundred KB. The Cyrano edge unit is designed to co-exist on the property's existing leasing-office internet connection without measurably affecting anything. By contrast, a cloud VMS that streams raw video upstream typically wants 5 to 50 Mbps of continuous upstream bandwidth per property, which in Class B and Class C multifamily is usually not available and is never budgeted. The 2 MB per month egress profile is why Cyrano can be installed on a 1960s Class C property with a DSL-era connection in the leasing office and still ship a daily aggregate to the investor's portfolio dashboard without a network upgrade.

The artifact that goes into a loan file or an offering memorandum is a rolling 12 to 24 month aggregate: one CSV with per-day rows, one PDF chart pack showing the indexed rate over time, the ranked tile.label breakdown, and the hour-of-day distribution. No thumbnails, no raw video. The lender's analyst reads the chart pack alongside the T-12. The broker includes the CSV in the data room. Both artifacts are Tier 2, meaning the investor is not making a judgment call on whether a specific frame of video is shareable. The boundary was drawn when the event was written, not at the point of sharing.

Yes. Cyrano reads the HDMI output of whatever recorder or NVR is driving the multiview to the wall monitor in the office closet. If the property also has a cloud VMS, that stack is unchanged. The cloud VMS is the property manager's tool. Cyrano is the investor's tool. The two pipelines do not overlap. The three-tier egress boundary is a property of the Cyrano architecture, not an integration with the VMS.

Nothing at the Tier 1 or Tier 2 layer. The new property manager inherits Tier 0 (the DVR) under the new engagement. The Cyrano edge device continues reading HDMI output, and the event rows and thumbnails continue landing in the same Tier 1 store. The investor's portfolio dashboard (Tier 2) sees no discontinuity. If the new property manager replaces the DVR, Cyrano re-OCRs the painted tile-name strip on the first frame of the new multiview and re-keys tile.label, so the event table continues without a schema migration. For the investor, a management change is a line item on an operating statement, not a rebuild of the operational-security reporting stack.

The objection is usually 'why is the thumbnail 480 by 270 instead of full resolution.' The honest answer is that the 480 by 270 is an intentional ceiling. A full-resolution clip on Tier 1 would turn the per-property edge store from 150 MB per month into multiple GB per month, and more importantly it would move the clip back into the privacy-review category for any downstream sharing. The ceiling is what keeps the Tier 1 store operationally useful to the property manager while keeping the Tier 2 rollup shareable with the LP. Investors who understand the shape of the boundary stop objecting to the ceiling and start using the Tier 2 aggregate as the input to their own dashboards, which is the intended workflow.