diff --git a/windows/security/mdm-windows.md b/windows/security/mdm-windows.md
index 356249fc2e..2456527534 100644
--- a/windows/security/mdm-windows.md
+++ b/windows/security/mdm-windows.md
@@ -37,15 +37,6 @@ MDM includes several security features & capabilities, as described in the follo
 | Remote device attestation | Attestation relies on the Trusted Platform Module (TPM) and measured boot capabilities to enhance the security provided by trusted boot. IT administrators can use available boot information to protect against boot-level attacks and misconfigurations. The Microsoft Azure Attestation service securely reports on device boot health, firmware security, and other low-level security features used for device compliance. Microsoft Azure Attestation is designed to be policy-configured, giving control of your enterprise's device health to the administrator, allowing them to deal with low-level threats with confidence. Windows 11 comes with MDM integration with Microsoft Azure Attestation, allowing MDM providers to use the attestation capabilities to trust and enhance device security. <br/><br/>Learn more about [Microsoft Azure Attestation](/azure/attestation). |
 | (other stuff coming soon) | Device Installation, DMA Guard, Endpoint Detection and Response, the Microsoft Defender Security Center, Smartscreen, System Guard, and Windows Hello for Business |
 
-## Support for non-Microsoft MDM servers
-
-Non-Microsoft MDM servers can be used to manage Windows 11 by using industry standard protocols. The built-in management client can communicate with a third-party server proxy that supports the MDM protocols to perform enterprise management tasks. The third-party server will have the same consistent first-party user experience for enrollment, which also provides simplicity for Windows 11 users. MDM servers do not need to create or download a client to manage Windows 11. 
-
-For details about the MDM protocols, the following resources:
-
-- [MS-MDM: Mobile Device Management Protocol](/openspecs/windows_protocols/ms-mdm/33769a92-ac31-47ef-ae7b-dc8501f7104f) 
-- [MS-MDE2: Mobile Device Enrollment Protocol Version 2](/openspecs/windows_protocols/ms-mde2/4d7eadd5-3951-4f1c-8159-c39e07cbe692)
-
 ## Security baselines
 
 Windows 11 can be configured with the [Microsoft MDM security baseline](/mem/intune/protect/security-baseline-settings-mdm-all?pivots=mdm-december-2020) backed by ADMX policies, which functions like the Microsoft Group Policy security baseline. Security baselines enable security teams and IT admins to easily integrate this baseline into any MDM, addressing security concerns and compliance needs for modern cloud-managed devices.
@@ -57,3 +48,14 @@ The MDM security baseline includes policies that cover the following areas:
 - Setting credential requirements for passwords and PINs
 - Restricting the use of legacy technology
 - Legacy technology policies that offer alternative solutions with modern technology
+
+
+## Support for non-Microsoft MDM servers
+
+Non-Microsoft MDM servers can be used to manage Windows 11 by using industry standard protocols. The built-in management client can communicate with a third-party server proxy that supports the MDM protocols to perform enterprise management tasks. The third-party server will have the same consistent first-party user experience for enrollment, which also provides simplicity for Windows 11 users. MDM servers do not need to create or download a client to manage Windows 11. 
+
+For details about the MDM protocols, the following resources:
+
+- [MS-MDM: Mobile Device Management Protocol](/openspecs/windows_protocols/ms-mdm/33769a92-ac31-47ef-ae7b-dc8501f7104f) 
+- [MS-MDE2: Mobile Device Enrollment Protocol Version 2](/openspecs/windows_protocols/ms-mde2/4d7eadd5-3951-4f1c-8159-c39e07cbe692)
+
