It’s a BES server, and it has super-Administrator privileges to your Exchange – do you know the people you are trusting with access to your server room? Do you have any control over how they access your server room?
If you have Blackberries in your organization, the BES server has complete control over your company’s messaging infrastructure, everyone’s email and Active Directory (yes, even the CEO’s cell phone). It has a direct “secure” connection to a datacenter in Canada (which goes down occassionally, but that is another story). Do you know who is looking at your email? do you have control over how this datacenter is secured? Do you have any influence over the security policies for access to this datacenter, whoi manages it or the technology to secure access and communication? …the answer is no.
So…what happens if someone breaks into this datacenter, hacks into it, or a malicious (or simply curious) employee wants to look at your CFO’s email?