There is no connection-driven need to use a remote SQL Server instance or ditch Windows authentication in your connection string. An IIS-hosted WCF service can work fine with both.
Your connection string should look something like this:
<add name="DbConnection" connectionString="Data Source=.;Initial Catalog=MyDatabase;Persist Security Info=False;Integrated Security=SSPI;" providerName="System.Data.SqlClient"/>
Also, you may find the ConnectionStrings.com SQL Server 2012 page helpful. Over the years I have found ConnectionStrings.com invaluable for reality checking connection-string variations for different versions of SQL Server, different clients etcetera.