Move the database to where the security service allows. Or look for another way out, such as sending this service in 3 letters

And where is the server with the store? Maybe your security officers are worried that the server with the data is located in someone else's data center? A compromise option is to move the server with the store inside the corporate network and buy a Provider Independent address.
If they are completely paranoid, you can show them this: 1C-Bitrix products and solutions have passed s...

Our security officers are so paranoid, the FSTEC certification is the first thing they checked with Bitrix.
And sending them to three letters will lead to the fact that they later call me a saboteur and a foreign intelligence agent. Is it possible to do something on the DB side? For example, Access has such a feature: linked tables, the point is that one database clings to another and uses the necessary data as it should. All this looks like all the tables are in the first database, but the data is stored in another database. It's called linked tables.
Is there something like that?

through WSDL it is impossible to receive and change?
or you yourself do not use 1C?

If you can set up the DBMS so that it is accessible from the WEB hosting server, go ahead. Then the data will always be where you want.
Another thing is performance. Don't wait for it then, the data will compete over the network.
If caching on your site is effective (at least a couple of hours the cache does not clear), then it can help.
But in this case, the security guys still have a great reason to troll - there is data in the cache, and the cache is located on the host server.
Here, too, you can play to memcached on the server, which will arrange the security service. But in this case, its meaning is lost - the data will again be sent over the network, and twice more.
Bottom line - your own hosting will solve all problems. And how to do it - there are always options.

Sharding?)