When we talk about security, we usually think about processors as stand-alone units. But they aren't. And that means that while individual PCs still need to be patched, with targeted organizational changes, you might be able to keep processing power and speed for the more important data analysis servers – while keeping attackers out of your data.
The basic idea behind this approach: The 'workhorse' servers doing the actual data analysis run unpatched in a protected environment. That means restricted both in terms of physical access including separate wiring, as well as virtual access. The 'gateway' servers providing data access – are patched and access is highly restricted.
Of course, this doesn't work with every application and constellation. But if you are processing large amounts of data, taking a second look at where and how you distribute your analysis algorithms, and whether or not your infrastructure supports isolated analysis, might save you a few bucks by stretching your processing power.