Generating organization-specific encryption keys for PIN message encryption
By default, all BlackBerry® devices store a common PIN encryption key that they use to protect PIN messages. To limit the number of BlackBerry devices that can decrypt PIN messages that users in your organization send from their BlackBerry devices, you can generate a new PIN encryption key that is stored on and known only to BlackBerry devices in your organization. BlackBerry devices with a PIN encryption key that is specific to your organization can send and receive PIN messages only with other BlackBerry devices that store the same PIN encryption key.
You should generate a new PIN encryption key if you know that your current organization-specific PIN encryption key is compromised.