When using the minimode links to a process map, it seems like anyone who got access to the link could view the map. This would include people outside of our company. Is there a way to limit access to minmode to only company employees?
You're correct -anyone with the minimode link can access that version of the process. If there is a new version published, they will still see the old version.
There is a workaround (not perfect) - to prevent external users accessing them, you can make sure "Minimode links to restricted processes require login" is turned on (it is by default) then add every process group into a new permission that you grant all your staff. It will force them to be logged in, although if you have SSO they won't notice anything.