Sometimes, companies are worried about "reusing personal GitHub accounts", but contributing source code or reviews with an already existing account does NOT mean that
-
existing ssh keys or personal access tokens would be valid to access your enterprise organization (all credentials would have to be authorized: https://help.github.com/en/github/authenticating-to-github/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)
-
email notifications would go to any personal email (you can enforce the use of a company email domain: https://help.github.com/en/github/setting-up-and-managing-organizations-and-teams/restricting-email-notifications-to-an-approved-domain)
-
contributions could not be marked to belong to your organization explicitly (you can explicitly mark contributions to be done on behalf of your company: https://help.github.com/en/github/committing-changes-to-your-project/creating-a-commit-on-behalf-of-an-organization)
-
you could not enforce any merged commit to satisfy your coding standards and your CLA (see bots like https://probot.github.io/apps/dco/ and https://help.github.com/en/github/administering-a-repository/configuring-protected-branches)
-
you would not be able to see the real identity between all users in your organization (as all accounts would be linked to your SAML identity and visible to administrators, see https://github.blog/changelog/2019-03-25-view-organization-members-email-addresses/)
-
would allow anybody without access to your organization to see what kind of contributions have been done by your developers (contributions to private repositories a person does not have access to will only be shown as a green dot in the contribution graph without mentioning the repository or organization name or nature of the contribution)
-
you could not enforce additional security standards for user accounts if they have access to your organization (you can enforce two-factor authentication for any org member: https://help.github.com/en/github/setting-up-and-managing-organizations-and-teams/requiring-two-factor-authentication-in-your-organization)
-
could not prevent users from forking any of your private or internal repositories (see https://help.github.com/en/github/setting-up-and-managing-organizations-and-teams/allowing-people-to-fork-private-repositories-in-your-organization)