My executives wanted email going out to be encrypted. The BES<-->SRP relay is 3DES encrypted. I wasn't positive the Exchange<-->BES communications was encrypted, or it is was, that it wasn't decrypted (if even for a second) at some point on the hosted BES server. We also ran into this with hosted GoodLink. The executives wanted an inhouse solution, but it wasn't cost effective for 1-2 users (vs. 11 users on the BES).
Also if you are paying $10/mo, you can probably at least break even at buying BES licenses if you amortize it out 12 or 24 months. And the BES is dead simple to administer. I don't see a reason not to run one in-house unless a company doesn't have the CPU/RAM horsepower, or the space or cooling for it.