Sorry, but what tosh.
Microsoft is a convicted monopolist in the EU. Your problems in the US are your problems.
And Windows XP is not "secure". It's like saying that a door you have lying in the shed is "secure" just because you're not using it so nobody would bother to break into it.
You have to consider local, internal attacks (especially if you're dealing with government, NHS, police, etc.) as well as anything from the outside. And you can't isolate XP enough to be secure and work in a networked fashion.
XP is dead. Its lifespan is over. Hardware support for it is dropping fast. I abandoned it in my last workplace because we had major difficulty getting drivers for things as simple as SATA controllers for it, not to mention wireless and network interfaces. Beyond that, 64-bit XP is niche and 32-bit XP prevents a lot of things working. Even for home use, a lot of games nowadays do not work on 32-bit-only systems. XP-64 also brings its own share of driver problems as there are EVEN FEWER XP-64 drivers than XP drivers.
Sure, you can virtualise it, but then you're not running XP at all, really. And still the problem is "It's on your network" if you want to do anything vaguely useful with it. And that provides an attack vector both to and from that machine if it's unsupported and compromisable.
Give it up. I held out until two years ago and that was FAR TOO LONG to hold out on XP for. The alternates really don't make users suffer at all after the initial acclimatisation.
Move on. It's not Windows - it's like someone running Slackware 7 in the modern day, on a 2.2 kernel. Sure, you can do it, but you're setting yourself up for a lot of hurt and hassle just because of the age of the tools and hardware you need to use.
If you have ANY significant number of XP machines, it's time to pay the pittance that an entirely new machine would cost (I'm getting business-class machines for GBP150 - $250? - with Windows 7/8 on them). If you have one or two machines, sure it's not particularly cost-effective but I guarantee you that it will hurt your wallet more when it goes wrong unexpectedly (virus, hardware replacement, data compromise, etc.).
And Windows 10 is expected to be free, for the most part.
If you have a "network", especially a business one, of any description, you are negligent in sticking on XP now. I would not want the most basic of business data processed on XP. I don't deal in multi-million dollar networks, I don't do high-end gear with clouds and servers coming out of my ears. I do small schools. But, for any business that includes a network or server of any size, I would be doing them a disservice to suggest that they DON'T move off XP. Not just failing to mention the possibility, but failing to actively DISCOURAGE further use of their network with XP clients.
You can't secure XP. You can isolate it, but you can't secure it. And there's no real thing as a limited user in XP because it's basically a cinch to demonstrate privilege escalation using any number of pieces of bog-standard software on XP (that you CAN'T patch or upgrade because the XP releases of that software are no longer updated!).
Give it up, really. And you don't even have to pay Microsoft a penny.