From a management perspective, I would do the following:
- Give employees a company mail address (email@example.com) - you probably are already doing this
- Instruct the employee to create a new GitHub account with their company mail address - this address is then associated with the account
- Add that account to your GitHub organization
- Let the employee make their commits using that mail address - GitHub will link these commits to the user in your organization (this will be publicly visible)
- Employee gets mad and quits
- Kick the ex-employee out of the organization
At this point, publicly, the account has no relation to your company except the mail address. But that only indicates to users that this person ever had access to that mail address and doesn’t prove much. I wouldn’t be bothered by it. However, if you are paranoid enough for it, you can just buy a cheap domain like fkdjslkdjfklsdjf.com and let your employees use that domain as a commit mail address.
As for creating multiple accounts - I don’t think I would be a big fan of letting users use their personal accounts at work, but on the other hand it isn’t that big of a deal either. Just as with the mail addresses, just make sure to remove employees that have left the company from the GitHub organization.