@DaniSql I know this is an old post but you said "I am thinking to use BCP but I am not happy about enabling xpcmdshell." My question to you is "Why Not"? Who is going to use it? ONLY those with "SA" privs can use it unless someone were foolish enough to grant individuals the privs to use it directly. Turn it on and leave it on. Then do those things that should have been done to protect the server. Turning xp_CmdShell off offers zero protection against a hacker that gets in with "SA" privs and still can't be used by one that gets in with less than "SA" privs.
I'll also add that although it's a really good answer, the "accepted" answer uses OPENROWSET, which requires the same privs as xp_CmdShell... "SA". You can do just as much damage with OPENROWSET as you can with xp_CmdShell. With a tweak to the registry (which you can easily do with xp_RegWrite and I certainly won't demonstrate), you can even invoke CMD with it.