We implemented a BES a while back and I had the exact same question as you bbt.

I ended up disabling JavaScript in browsers.

Yes, it's true that BlackBerrys haven't been hacked in this way......yet. But at some point in the past Windows Mobile had never been hacked either, and the same with with Apple computers, both of which have active exploits out there. All it takes is for people to start targeting them. It's the same to me as saying "I don't wear seatbelts because I have never been in an accident up to this point"

Plus there are already JavaScript exploits for other platforms like Adobe.

(Sorry I had links to the WM, Apple and Adobe claims but im a new poster and can't put links in)

Sure, it's a pain sometimes for users when websites don't appear correctly on their Berrys, but these are company provided phones. As admins we are always faced with having to possibly sacrifice usability for security, but hey if it doesn't affect a users' job THAT much (and it hasn't up to this point), then I like to err on the side of caution.

Plus with BlackBerrys becoming more and more popular with private consumers, I just think it's only a matter of time before people target them too and one day succeed (read seatbelt anaology) and I'd rather be on the correct side of the eight ball.